www.guri2o1667.work Open in urlscan Pro
35.75.255.9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.guri2o1667.work/
Effective URL:
https://www.guri2o1667.work/
Submission: On December 11 via api (December 11th 2023, 4:57:28 pm UTC) from US — Scanned from JP

Summary HTTP 282 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 47 IPs in 8 countries across 41 domains to perform 282 HTTP transactions. The main IP is 35.75.255.9, located in Tokyo, Japan and belongs to AMAZON-02, US. The main domain is www.guri2o1667.work.
TLS certificate: Issued by R3 on November 11th 2023. Valid for: 3 months.

This is the only time www.guri2o1667.work was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.199.90.60 54.199.90.60	16509 (AMAZON-02) (AMAZON-02)
1	35.75.255.9 35.75.255.9	16509 (AMAZON-02) (AMAZON-02)
19	23.39.217.2 23.39.217.2	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.204.139.144 23.204.139.144	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
36	2404:6800:400... 2404:6800:4004:825::2002	15169 (GOOGLE) (GOOGLE)
15 15	18.65.216.116 18.65.216.116	16509 (AMAZON-02) (AMAZON-02)
17	65.9.42.68 65.9.42.68	16509 (AMAZON-02) (AMAZON-02)
4	2404:6800:400... 2404:6800:4004:81d::200e	15169 (GOOGLE) (GOOGLE)
1	23.51.130.131 23.51.130.131	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.249.88.200 54.249.88.200	16509 (AMAZON-02) (AMAZON-02)
1	2400:52e0:150... 2400:52e0:1501::1146:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2606:2800:248... 2606:2800:248:2f:1d8a:787:dc7:17df	15133 (EDGECAST) (EDGECAST)
5	2404:6800:400... 2404:6800:4004:81e::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f00... 2a03:2880:f00f:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
3	13.115.18.61 13.115.18.61	16509 (AMAZON-02) (AMAZON-02)
5 23	2404:6800:400... 2404:6800:4004:822::2002	15169 (GOOGLE) (GOOGLE)
1	52.69.85.8 52.69.85.8	16509 (AMAZON-02) (AMAZON-02)
5	2404:6800:400... 2404:6800:4004:820::200e	15169 (GOOGLE) (GOOGLE)
1	13.35.49.63 13.35.49.63	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
3 12	2404:6800:400... 2404:6800:400a:805::2004	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4008:c03::9a	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:828::200e	15169 (GOOGLE) (GOOGLE)
11	2404:6800:400... 2404:6800:4004:81e::200a	15169 (GOOGLE) (GOOGLE)
1 60	2404:6800:400... 2404:6800:4004:822::2001	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:818::2002	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:4004:801::2003	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:825::200e	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:822::200e	15169 (GOOGLE) (GOOGLE)
9	2404:6800:400... 2404:6800:4004:80f::2003	15169 (GOOGLE) (GOOGLE)
10	142.250.207.2 142.250.207.2	15169 (GOOGLE) (GOOGLE)
1 2	54.238.129.226 54.238.129.226	16509 (AMAZON-02) (AMAZON-02)
1 1	202.233.84.8 202.233.84.8	131957 (MICROAD M...) (MICROAD MicroAd)
5 17	142.250.199.98 142.250.199.98	15169 (GOOGLE) (GOOGLE)
1	2001:df2:a300... 2001:df2:a300:bbbb::136	6336 (TURN-US-ASN) (TURN-US-ASN)
1	142.251.8.156 142.251.8.156	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20c... 2600:9000:20c5:d600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2600:1f13:800... 2600:1f13:800:7782:bf7b:717d:d1bd:feca	16509 (AMAZON-02) (AMAZON-02)
2 2	2406:da18:929... 2406:da18:929:5a03:f3ca:71cb:3519:40b	16509 (AMAZON-02) (AMAZON-02)
1 1	54.249.131.168 54.249.131.168	16509 (AMAZON-02) (AMAZON-02)
1 1	185.98.54.153 185.98.54.153	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	35.73.236.89 35.73.236.89	16509 (AMAZON-02) (AMAZON-02)
1	182.22.31.124 182.22.31.124	23816 (YAHOO Yah...) (YAHOO Yahoo Japan Corporation)
3 3	188.42.105.220 188.42.105.220	7979 (SERVERS-COM) (SERVERS-COM)
1	2404:6800:400... 2404:6800:4004:826::2006	15169 (GOOGLE) (GOOGLE)
1 1	184.27.185.4 184.27.185.4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	124.146.153.163 124.146.153.163	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1	202.241.208.2 202.241.208.2	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
1 1	18.176.234.133 18.176.234.133	16509 (AMAZON-02) (AMAZON-02)
2 2	185.84.60.20 185.84.60.20	198622 (ADFORM) (ADFORM)
1 2	23.37.117.101 23.37.117.101	16625 (AKAMAI-AS) (AKAMAI-AS)
3	35.160.173.212 35.160.173.212	16509 (AMAZON-02) (AMAZON-02)
2	172.217.161.66 172.217.161.66	15169 (GOOGLE) (GOOGLE)
11	23.215.243.88 23.215.243.88	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	204.79.197.204 204.79.197.204	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
282	47

1 54.199.90.60 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-199-90-60.ap-northeast-1.compute.amazonaws.com

www.guri2o1667.work	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.75.255.9 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-75-255-9.ap-northeast-1.compute.amazonaws.com

www.guri2o1667.work	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 23.39.217.2 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-217-2.deploy.static.akamaitechnologies.com

cdn-ak.f.st-hatena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.image.st-hatena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.blog.st-hatena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.204.139.144 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-204-139-144.deploy.static.akamaitechnologies.com

usercss.blog.st-hatena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2404:6800:4004:825::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 18.65.216.116 (United States) 15 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-65-216-116.nrt57.r.cloudfront.net

b.hatena.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 65.9.42.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-42-68.nrt12.r.cloudfront.net

b.st-hatena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:81d::200e (Australia)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.51.130.131 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-130-131.deploy.static.akamaitechnologies.com

cdn.profile-image.st-hatena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.249.88.200 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-249-88-200.ap-northeast-1.compute.amazonaws.com

rws.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1501::1146:1 (Japan)

ASN200325 (BUNNYCDN, SI)

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:248:2f:1d8a:787:dc7:17df (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:81e::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.115.18.61 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-18-61.ap-northeast-1.compute.amazonaws.com

blog.hatena.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2404:6800:4004:822::2002 (Australia) 5 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.69.85.8 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-69-85-8.ap-northeast-1.compute.amazonaws.com

pf-api.hatena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:820::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.49.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-49-63.nrt20.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2404:6800:400a:805::2004 (Osaka, Japan) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4008:c03::9a (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:828::200e (Australia)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2404:6800:4004:81e::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 2404:6800:4004:822::2001 (Australia) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:818::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:801::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:825::200e (Australia)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:822::200e (Australia)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2404:6800:4004:80f::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.207.2 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s54-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.238.129.226 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-129-226.ap-northeast-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.8 (Japan) 1 redirects

ASN131957 (MICROAD MicroAd, Inc., JP)

s-cs.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.199.98 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: nrt13s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:df2:a300:bbbb::136 (United States)

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.8.156 (United States)

ASN15169 (GOOGLE, US)
PTR: tb-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c5:d600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f13:800:7782:bf7b:717d:d1bd:feca (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:da18:929:5a03:f3ca:71cb:3519:40b (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.249.131.168 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-249-131-168.ap-northeast-1.compute.amazonaws.com

dynalyst-sync.adtdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.98.54.153 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.73.236.89 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-73-236-89.ap-northeast-1.compute.amazonaws.com

ds.uncn.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.22.31.124 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)

cksync.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.105.220 (Luxembourg) 3 redirects

ASN7979 (SERVERS-COM, US)

sync.gonet-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:826::2006 (Australia)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.27.185.4 (Tokyo, Japan) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-27-185-4.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.153.163 (Kakegawa, Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.241.208.2 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)

gdn.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.176.234.133 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-234-133.ap-northeast-1.compute.amazonaws.com

cs.r-ad.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.84.60.20 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.117.101 (Tokyo, Japan) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-117-101.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.160.173.212 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-173-212.us-west-2.compute.amazonaws.com

ads.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.161.66 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s09-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 23.215.243.88 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-243-88.deploy.static.akamaitechnologies.com

dco-assets.everestads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.79.197.204 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0005.a-msedge.net

analyticspixel.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
96	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	5 MB
44	doubleclick.net 10 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 bid.g.doubleclick.net — Cisco Umbrella Rank: 840 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	359 KB
38	st-hatena.com cdn-ak.f.st-hatena.com — Cisco Umbrella Rank: 289411 cdn.image.st-hatena.com — Cisco Umbrella Rank: 400316 cdn.blog.st-hatena.com — Cisco Umbrella Rank: 335758 usercss.blog.st-hatena.com — Cisco Umbrella Rank: 463096 b.st-hatena.com — Cisco Umbrella Rank: 115548 cdn.profile-image.st-hatena.com — Cisco Umbrella Rank: 497353	732 KB
20	gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn3.gstatic.com fonts.gstatic.com	443 KB
18	hatena.ne.jp 15 redirects b.hatena.ne.jp — Cisco Umbrella Rank: 114757 blog.hatena.ne.jp — Cisco Umbrella Rank: 412378	12 KB
15	google.com 3 redirects cse.google.com — Cisco Umbrella Rank: 3119 www.google.com — Cisco Umbrella Rank: 2 clients1.google.com — Cisco Umbrella Rank: 411	175 KB
11	everestads.net dco-assets.everestads.net — Cisco Umbrella Rank: 6438	75 KB
11	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	8 KB
10	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 900 static.adsafeprotected.com — Cisco Umbrella Rank: 602 dt.adsafeprotected.com — Cisco Umbrella Rank: 567	107 KB
10	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	42 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	417 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	255 KB
3	everesttech.net ads.everesttech.net — Cisco Umbrella Rank: 6344	24 KB
3	gonet-ads.com 3 redirects sync.gonet-ads.com — Cisco Umbrella Rank: 27586	1 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1230 syndication.twitter.com — Cisco Umbrella Rank: 1549	132 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1299	605 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 560	1 KB
2	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1450 gdn.socdm.com — Cisco Umbrella Rank: 105634	2 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	1 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	1 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 71	69 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	89 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 988	70 KB
2	guri2o1667.work 1 redirects www.guri2o1667.work	14 KB
1	microsoft.com analyticspixel.microsoft.com — Cisco Umbrella Rank: 6369	676 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	23 KB
1	r-ad.ne.jp 1 redirects cs.r-ad.ne.jp — Cisco Umbrella Rank: 95478	682 B
1	ctnsnet.com 1 redirects ipac.ctnsnet.com — Cisco Umbrella Rank: 4999	614 B
1	pangle-ads.com 1 redirects analytics.pangle-ads.com — Cisco Umbrella Rank: 2266	1 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	490 B
1	yahoo.co.jp cksync.yahoo.co.jp — Cisco Umbrella Rank: 3260	623 B
1	uncn.jp 1 redirects ds.uncn.jp — Cisco Umbrella Rank: 28404	516 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 9014	293 B
1	adtdp.com 1 redirects dynalyst-sync.adtdp.com — Cisco Umbrella Rank: 35120	589 B
1	turn.com d.turn.com — Cisco Umbrella Rank: 1349	398 B
1	microad.jp 1 redirects s-cs.send.microad.jp — Cisco Umbrella Rank: 17722	526 B
1	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 700	432 B
1	hatena.com pf-api.hatena.com — Cisco Umbrella Rank: 460376	322 B
1	rawgit.com cdn.rawgit.com — Cisco Umbrella Rank: 11597	1 KB
1	a8.net rws.a8.net
282	41

	Domain	Requested by
60	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net www.guri2o1667.work tpc.googlesyndication.com pagead2.googlesyndication.com
36	pagead2.googlesyndication.com	www.guri2o1667.work pagead2.googlesyndication.com googleads.g.doubleclick.net cdn.blog.st-hatena.com tpc.googlesyndication.com www.googletagservices.com fw.adsafeprotected.com
23	googleads.g.doubleclick.net	5 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net www.guri2o1667.work
17	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net www.guri2o1667.work
17	b.st-hatena.com	www.guri2o1667.work blog.hatena.ne.jp
17	cdn.blog.st-hatena.com	www.guri2o1667.work usercss.blog.st-hatena.com cdn.blog.st-hatena.com blog.hatena.ne.jp
15	b.hatena.ne.jp	15 redirects
12	www.google.com	3 redirects cse.google.com www.google.com www.guri2o1667.work googleads.g.doubleclick.net tpc.googlesyndication.com
11	dco-assets.everestads.net	ads.everesttech.net dco-assets.everestads.net
11	fonts.googleapis.com	googleads.g.doubleclick.net tpc.googlesyndication.com
10	www.googleadservices.com	www.guri2o1667.work
9	fonts.gstatic.com	fonts.googleapis.com
7	dt.adsafeprotected.com	googleads.g.doubleclick.net
7	www.gstatic.com	googleads.g.doubleclick.net
5	www.google-analytics.com	www.googletagmanager.com cdn.blog.st-hatena.com
5	www.googletagmanager.com	www.guri2o1667.work www.googletagmanager.com blog.hatena.ne.jp www.google-analytics.com
4	www.googletagservices.com	googleads.g.doubleclick.net
3	ads.everesttech.net	fw.adsafeprotected.com ads.everesttech.net dco-assets.everestads.net
3	sync.gonet-ads.com	3 redirects
3	blog.hatena.ne.jp	cdn.blog.st-hatena.com
2	googleads4.g.doubleclick.net	fw.adsafeprotected.com
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	c1.adform.net	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	fw.adsafeprotected.com	1 redirects www.guri2o1667.work
2	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
2	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
2	www.youtube.com	cdn.blog.st-hatena.com www.youtube.com
2	connect.facebook.net	www.guri2o1667.work connect.facebook.net
2	maxcdn.bootstrapcdn.com	usercss.blog.st-hatena.com maxcdn.bootstrapcdn.com
2	platform.twitter.com	www.guri2o1667.work platform.twitter.com
2	cse.google.com	www.guri2o1667.work www.google.com
2	www.guri2o1667.work	1 redirects
1	analyticspixel.microsoft.com
1	cdn.jsdelivr.net	dco-assets.everestads.net
1	cs.r-ad.ne.jp	1 redirects
1	gdn.socdm.com	www.guri2o1667.work
1	tg.socdm.com	1 redirects
1	ipac.ctnsnet.com	1 redirects
1	s.tribalfusion.com	www.guri2o1667.work
1	a.tribalfusion.com	1 redirects
1	analytics.pangle-ads.com	1 redirects
1	s0.2mdn.net
1	cksync.yahoo.co.jp	googleads.g.doubleclick.net
1	ds.uncn.jp	1 redirects
1	s.uuidksinc.net	1 redirects
1	dynalyst-sync.adtdp.com	1 redirects
1	static.adsafeprotected.com	googleads.g.doubleclick.net
1	bid.g.doubleclick.net	googleads.g.doubleclick.net
1	d.turn.com	googleads.g.doubleclick.net
1	s-cs.send.microad.jp	1 redirects
1	clients1.google.com	www.guri2o1667.work
1	stats.g.doubleclick.net	cdn.blog.st-hatena.com
1	syndication.twitter.com	platform.twitter.com
1	static.hotjar.com	www.googletagmanager.com
1	pf-api.hatena.com	cdn.blog.st-hatena.com
1	cdn.rawgit.com	www.guri2o1667.work
1	rws.a8.net	www.guri2o1667.work
1	cdn.profile-image.st-hatena.com	www.guri2o1667.work
1	usercss.blog.st-hatena.com	www.guri2o1667.work
1	cdn.image.st-hatena.com	www.guri2o1667.work
1	cdn-ak.f.st-hatena.com	www.guri2o1667.work
282	62

This site contains links to these domains. Also see Links.

Domain
b.hatena.ne.jp
blog.hatena.ne.jp

Subject Issuer	Validity	Valid
www.guri2o1667.work R3	`2023-11-11` - `2024-02-09`	3 months	crt.sh
cdn-ak.b.st-hatena.com GeoTrust RSA CA 2018	`2023-07-06` - `2024-07-06`	a year	crt.sh
usercss.blog.st-hatena.com R3	`2023-11-28` - `2024-02-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.a8.net GlobalSign GCC R3 DV TLS CA 2020	`2023-06-01` - `2024-07-02`	a year	crt.sh
cdn.rawgit.com R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
*.b.st-hatena.com Amazon RSA 2048 M02	`2023-09-23` - `2024-10-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-19` - `2023-12-18`	3 months	crt.sh
hatenablog.com R3	`2023-12-06` - `2024-03-05`	3 months	crt.sh
*.hatena.com Amazon RSA 2048 M03	`2023-11-08` - `2024-12-06`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
syndication.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-10-31`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M01	`2023-03-29` - `2024-04-27`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
edge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2023-11-30` - `2024-12-29`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.everesttech.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-03-08`	a year	crt.sh
www.adobetag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-24` - `2024-08-23`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
analyticspixel.microsoft.com Microsoft Azure TLS Issuing CA 02	`2023-11-01` - `2024-04-29`	6 months	crt.sh

This page contains 35 frames:

Primary Page: https://www.guri2o1667.work/
Frame ID: DE481F32D26B9E0D3D0D4C9019CEC2E0
Requests: 69 HTTP requests in this frame

Frame: https://blog.hatena.ne.jp/-/globalheader/ffffff/333333/blogs?device=pc&brand=pro
Frame ID: 26EB230785550206C23E7527148B78A6
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html
Frame ID: CA11ECACE0A1AC2CBB645C7CEC54C74D
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.979019d93e57e124a0ac3dd81bd32027.html?origin=https%3A%2F%2Fwww.guri2o1667.work
Frame ID: A8188E583770652D4CA694AEAB2A598C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&adk=1812271804&adf=3025194257&lmt=1702313841&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313841408&bpp=6&bdt=291&idt=193&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=593224881156&frm=20&pv=2&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=208
Frame ID: 5FDC56050D57E7B7B3EB47DB16858216
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=280&adk=33187953&adf=461504685&pi=t.aa~a.279446055~rp.1&w=1030&fwrn=4&fwrnh=100&lmt=1702313841&rafmt=1&to=qs&pwprc=9467480384&format=1030x280&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313841414&bpp=1&bdt=298&idt=210&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=335&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=212
Frame ID: 6B3E3CABE5BADAEC5D94C1F31D882DBC
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=200&adk=2151073771&adf=1205157737&pi=t.aa~a.2625880853~rp.4&w=640&fwrn=1&fwrnh=100&lmt=1702313842&rafmt=1&to=qs&pwprc=9467480384&format=640x200&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313842513&bpp=1&bdt=1396&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da4f88c66c297ed60%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw&gpic=UID%3D00000ca9b39c6e30%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA&prev_fmts=0x0%2C1030x280&nras=3&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&psts=AOrYGskDCb6QV10UpK7VheKlsKR4ro2PLlOuO2UzYxS3QwyInpbBnALg_MxPK0Z_Kv9uZYYQohn7Ww5JzNr_JkyXKuXGJoxy&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Frame ID: CBAE8081E572E039A6D0D95DD46A437C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=200&adk=2151073771&adf=611815269&pi=t.aa~a.2625894220~rp.4&w=640&fwrn=1&fwrnh=100&lmt=1702313842&rafmt=1&to=qs&pwprc=9467480384&format=640x200&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313842513&bpp=1&bdt=1397&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da4f88c66c297ed60%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw&gpic=UID%3D00000ca9b39c6e30%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA&prev_fmts=0x0%2C1030x280%2C640x200&nras=4&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&psts=AOrYGskDCb6QV10UpK7VheKlsKR4ro2PLlOuO2UzYxS3QwyInpbBnALg_MxPK0Z_Kv9uZYYQohn7Ww5JzNr_JkyXKuXGJoxy&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=11
Frame ID: 9AF1034FF9EF69A8584FE023FD1B6A34
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=600&adk=2226316099&adf=3536934912&pi=t.aa~a.1678542404~rp.4&w=290&fwrn=4&fwrnh=100&lmt=1702313842&rafmt=1&to=qs&pwprc=9467480384&format=290x600&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313842513&bpp=1&bdt=1396&idt=0&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da4f88c66c297ed60%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw&gpic=UID%3D00000ca9b39c6e30%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA&prev_fmts=0x0%2C1030x280%2C640x200%2C640x200&nras=5&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=4023&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&psts=AOrYGskDCb6QV10UpK7VheKlsKR4ro2PLlOuO2UzYxS3QwyInpbBnALg_MxPK0Z_Kv9uZYYQohn7Ww5JzNr_JkyXKuXGJoxy&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=14
Frame ID: 55AA6105C6FB1924A133FA465C0BA2AF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: 3BFBB4592BD540313448BC466FFF184D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 4A178CAEA46CFAB41FCBE2FE9C05C389
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 765C900947E30281E0FBCD19503A6AD7
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: F1B3A9657536FBB76DF1A150EE04734D
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: AC1072292B31EC76F9F73E640497434F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DBB8EDBE82F09EADB562287EAB235137
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEYkYCr7gEwAQ&v=APEucNWOmQWE90rbba5fxSEpd9raywyE03JDneI8XzQfGjuMGFvmsL6EgKYfMWt9Tv5PGs-Jy0a6WIX8dZrIfA798Poo_YOC1A
Frame ID: F43787D106E4DEB72D394E75408A9083
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: A809E5BAB76D63D5CBFCEE81536488A4
Requests: 27 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%93%E3%82%AFG%E7%9F%A5%E3%83%88%E3%82%8B%E3%80%82%20%E8%A7%A3%E3%82%92%E3%81%AEa%E9%96%8B%E5%BC%B7%E5%8C%96c%E3%82%B9%E8%A6%96%E3%83%AF%E3%81%AA%E3%81%98n%E3%82%8A%E8%A6%8By%E8%A6%81%E6%8F%90%E3%82%A3%E6%9E%90%E3%83%87%E3%83%95%E3%83%83%E5%8A%9B%E3%80%81%E8%83%BD%E3%82%B8%E3%81%97t%E3%82%BF%E4%BE%9B%E9%96%89%E3%83%BC%E3%83%8D%E6%B7%B1%E5%BF%85%E3%81%BE%E3%82%B0ls%E3%81%8F%E3%81%AFeA%E3%83%A9%E3%82%88%E5%8F%AFi%E3%81%AB%E3%81%99
Frame ID: A868097735162A1EE7F7D27814A79BB9
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B694D841E7279ED919CDFAE2A8B06C43
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: E87D3C2EC7C400E0D7D7948AFBFC9ED5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/gadgets/gpa_generic_image/arcadian_imgfit_stars_300x600.html
Frame ID: 03CFBFC74CA2E4A3D1F9074EF4AC39C7
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js
Frame ID: EB33C0D7CFE235D05AAA1B1162E86EC2
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3CC0FABB1E39DAB1AE1DFFA1308D0D64
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: 4DCDA6CCAF24628E10168FEAE15EBE9D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9EB4196C6B2596430B3AB02BDF17815A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 66B8071B20A03AF3964DF953B094F92F
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 833D0029FA19D46C7173A20F4804A3DB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: 226A14A07A9984BA7C0D797C19FD2E8C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9EC4B61E1D6A10206F12C66C87AF6823
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: A7F6F2D09B1A6EBA05477C78521F1653
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: 0F23B47CF2F4CD8832CC21A3921A85A7
Requests: 1 HTTP requests in this frame

Frame: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZXc_dAAAAG7aFEEz
Frame ID: 895961E44512FDAA2284C02D8B8B296F
Requests: 2 HTTP requests in this frame

Frame: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
Frame ID: C127F3423278C225B90E83E040838A78
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CA93FDDD49ED390549458959742A6E25
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A5DD34C8D70E0973CD982A8B3C06A7BA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

自由気ままに書いちゃおう検索

Page URL History Show full URLs

http://www.guri2o1667.work/ HTTP 301
https://www.guri2o1667.work/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

282
Requests

87 %
HTTPS

44 %
IPv6

41
Domains

62
Subdomains

47
IPs

8
Countries

8231 kB
Transfer

14972 kB
Size

38
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://b.hatena.ne.jp/entry/s/www.guri2o1667.work/entry/2023/12/08/%E3%80%90Github%E3%80%91GitHub_Enterprise_Server_%E3%81%A8_GitHub_Enterprise_Cloud_%E3%81%AE%E9%81%95%E3%81%84%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6

Search URL Search Domain Scan URL

URL: https://b.hatena.ne.jp/entry/s/www.guri2o1667.work/entry/2023/11/21/%E3%80%90Docker%E3%80%91Dockerfile%E3%81%A7%E8%A8%98%E8%BF%B0%E3%81%99%E3%82%8BARG%E3%81%A8ENV%E3%81%AE%E9%81%95%E3%81%84%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6

Search URL Search Domain Scan URL

URL: https://b.hatena.ne.jp/entry/s/www.guri2o1667.work/entry/2023/11/21/%E3%80%90Github%E3%80%91%E3%83%97%E3%83%AB%E3%83%AA%E3%82%AF%E3%82%A8%E3%82%B9%E3%83%88%E3%81%AE%E3%83%9E%E3%83%BC%E3%82%B8%E6%88%A6%E7%95%A5%EF%BC%88merge_commit/squash/rebase%EF%BC%89%E3%81%AB%E3%81%A4

Search URL Search Domain Scan URL

URL: https://b.hatena.ne.jp/entry/s/www.guri2o1667.work/entry/2023/11/15/%E3%80%90Docker%E3%80%91Dockerfile%E3%81%A7%E8%A8%98%E8%BF%B0%E3%81%99%E3%82%8BRUN%E3%81%A8CMD%E3%81%A8ENTRYPOINT%E3%81%AE%E9%81%95%E3%81%84%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6_%E8%A3%9C%E8%B6%B3

Search URL Search Domain Scan URL

URL: https://b.hatena.ne.jp/entry/s/www.guri2o1667.work/entry/2023/11/15/%E3%80%90Terraform%E3%80%91%EF%BC%88%E5%88%9D%E5%BF%83%E8%80%85%E5%90%91%E3%81%91%EF%BC%89%E3%82%88%E3%81%8F%E4%BD%BF%E3%81%86%E9%96%A2%E6%95%B0%E3%81%A8%E3%83%A1%E3%82%BF%E5%BC%95%E6%95%B0_%E3%81%9D

Search URL Search Domain Scan URL

URL: https://b.hatena.ne.jp/entry/s/www.guri2o1667.work/entry/2023/11/10/%E3%80%90Terraform%E3%80%91%EF%BC%88%E5%88%9D%E5%BF%83%E8%80%85%E5%90%91%E3%81%91%EF%BC%89%E3%82%88%E3%81%8F%E4%BD%BF%E3%81%86%E9%96%A2%E6%95%B0%E3%81%A8%E3%83%A1%E3%82%BF%E5%BC%95%E6%95%B0_%E3%81%9D

Search URL Search Domain Scan URL

URL: https://b.hatena.ne.jp/entry/s/www.guri2o1667.work/entry/2023/11/07/%E3%80%90Github%E3%80%91JWT%EF%BC%88JSON_Web_Token%EF%BC%89%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6

Search URL Search Domain Scan URL

URL: https://b.hatena.ne.jp/entry/s/www.guri2o1667.work/entry/2023/10/01/%E3%80%90AWS%E3%80%91SES%E3%81%A7%E5%AE%9B%E5%85%88%E3%83%A1%E3%83%BC%E3%83%AB%E3%83%89%E3%83%A1%E3%82%A4%E3%83%B3%E3%82%92%E5%88%B6%E9%99%90%E3%81%99%E3%82%8B

Search URL Search Domain Scan URL

URL: https://b.hatena.ne.jp/entry/s/www.guri2o1667.work/entry/2023/09/06/%E3%80%90AWS%E3%80%91RDS/Aurora%E3%81%AE%E8%AA%8D%E8%A8%BC%E6%A9%9F%E9%96%A2/%E3%82%B5%E3%83%BC%E3%83%90%E3%83%BC%E8%A8%BC%E6%98%8E%E6%9B%B8%E3%81%AE%E6%9B%B4%E6%96%B0%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6

Search URL Search Domain Scan URL

URL: https://b.hatena.ne.jp/entry/s/www.guri2o1667.work/entry/2023/07/06/%E3%80%90AWS%E3%80%91%E3%83%91%E3%83%96%E3%83%AA%E3%83%83%E3%82%AF%E3%82%A2%E3%82%AF%E3%82%BB%E3%82%B9%E3%81%A8%E9%9D%99%E7%9A%84Web%E3%83%9B%E3%82%B9%E3%83%86%E3%82%A3%E3%83%B3%E3%82%B0%E3%81%AE%E9%81%95

Search URL Search Domain Scan URL

URL: https://b.hatena.ne.jp/entry/s/www.guri2o1667.work/entry/2023/06/07/%E3%80%90Terraform%E3%80%91%EF%BC%88%E5%88%9D%E5%BF%83%E8%80%85%E5%90%91%E3%81%91%EF%BC%89count%E3%81%A7%E4%BD%9C%E6%88%90%E3%81%97%E3%81%9F%E3%83%AA%E3%82%BD%E3%83%BC%E3%82%B9%E3%82%92output%E3%81%99

Search URL Search Domain Scan URL

URL: https://b.hatena.ne.jp/entry/s/www.guri2o1667.work/entry/2023/06/06/%E3%80%90Terraform%E3%80%91%EF%BC%88%E5%88%9D%E5%BF%83%E8%80%85%E5%90%91%E3%81%91%EF%BC%89for%E3%81%A8for_each%E3%81%AE%E9%81%95%E3%81%84%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6_2

Search URL Search Domain Scan URL

URL: https://b.hatena.ne.jp/entry/s/www.guri2o1667.work/entry/2023/06/05/%E3%80%90Terraform%E3%80%91%EF%BC%88%E5%88%9D%E5%BF%83%E8%80%85%E5%90%91%E3%81%91%EF%BC%89_values%E9%96%A2%E6%95%B0%E3%82%92%E4%BD%BF%E3%81%A3%E3%81%A6%E5%80%A4%E3%81%A0%E3%81%91%E3%82%92%E5%8F%96

Search URL Search Domain Scan URL

URL: https://b.hatena.ne.jp/entry/s/www.guri2o1667.work/entry/2023/06/02/%E3%80%90Terraform%E3%80%91%EF%BC%88%E5%88%9D%E5%BF%83%E8%80%85%E5%90%91%E3%81%91%EF%BC%89_count%E3%82%92%E4%BD%BF%E3%81%A3%E3%81%A6%E7%B9%B0%E3%82%8A%E8%BF%94%E3%81%99

Search URL Search Domain Scan URL

URL: https://b.hatena.ne.jp/entry/s/www.guri2o1667.work/entry/2023/06/01/%E3%80%90Terraform%E3%80%91%EF%BC%88%E5%88%9D%E5%BF%83%E8%80%85%E5%90%91%E3%81%91%EF%BC%89%E5%88%A5%E3%83%AA%E3%83%BC%E3%82%B8%E3%83%A7%E3%83%B3%E3%81%ABAWS%E3%83%AA%E3%82%BD%E3%83%BC%E3%82%B9%E3%82%92

Search URL Search Domain Scan URL

URL: https://blog.hatena.ne.jp/-/pro?plus_via=blog_plus_badge&utm_source=pro_badge&utm_medium=referral&utm_campaign=register_pro
Title: はてなブログPro

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.guri2o1667.work/ HTTP 301
https://www.guri2o1667.work/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/12/08/%E3%80%90Github%E3%80%91GitHub_Enterprise_Server_%E3%81%A8_GitHub_Enterprise_Cloud_%E3%81%AE%E9%81%95%E3%81%84%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6 HTTP 302
https://b.st-hatena.com/images/users/gif/normal/00000.gif

Request Chain 6

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/11/21/%E3%80%90Docker%E3%80%91Dockerfile%E3%81%A7%E8%A8%98%E8%BF%B0%E3%81%99%E3%82%8BARG%E3%81%A8ENV%E3%81%AE%E9%81%95%E3%81%84%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6 HTTP 302
https://b.st-hatena.com/images/users/gif/normal/00000.gif

Request Chain 7

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/11/21/%E3%80%90Github%E3%80%91%E3%83%97%E3%83%AB%E3%83%AA%E3%82%AF%E3%82%A8%E3%82%B9%E3%83%88%E3%81%AE%E3%83%9E%E3%83%BC%E3%82%B8%E6%88%A6%E7%95%A5%EF%BC%88merge_commit/squash/rebase%EF%BC%89%E3%81%AB%E3%81%A4 HTTP 302
https://b.st-hatena.com/images/users/gif/normal/00000.gif

Request Chain 8

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/11/15/%E3%80%90Docker%E3%80%91Dockerfile%E3%81%A7%E8%A8%98%E8%BF%B0%E3%81%99%E3%82%8BRUN%E3%81%A8CMD%E3%81%A8ENTRYPOINT%E3%81%AE%E9%81%95%E3%81%84%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6_%E8%A3%9C%E8%B6%B3 HTTP 302
https://b.st-hatena.com/images/users/gif/normal/00000.gif

Request Chain 9

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/11/15/%E3%80%90Terraform%E3%80%91%EF%BC%88%E5%88%9D%E5%BF%83%E8%80%85%E5%90%91%E3%81%91%EF%BC%89%E3%82%88%E3%81%8F%E4%BD%BF%E3%81%86%E9%96%A2%E6%95%B0%E3%81%A8%E3%83%A1%E3%82%BF%E5%BC%95%E6%95%B0_%E3%81%9D HTTP 302
https://b.st-hatena.com/images/users/gif/normal/00000.gif

Request Chain 10

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/11/10/%E3%80%90Terraform%E3%80%91%EF%BC%88%E5%88%9D%E5%BF%83%E8%80%85%E5%90%91%E3%81%91%EF%BC%89%E3%82%88%E3%81%8F%E4%BD%BF%E3%81%86%E9%96%A2%E6%95%B0%E3%81%A8%E3%83%A1%E3%82%BF%E5%BC%95%E6%95%B0_%E3%81%9D HTTP 302
https://b.st-hatena.com/images/users/gif/normal/00001.gif

Request Chain 11

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/11/07/%E3%80%90Github%E3%80%91JWT%EF%BC%88JSON_Web_Token%EF%BC%89%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6 HTTP 302
https://b.st-hatena.com/images/users/gif/normal/00001.gif

Request Chain 12

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/10/01/%E3%80%90AWS%E3%80%91SES%E3%81%A7%E5%AE%9B%E5%85%88%E3%83%A1%E3%83%BC%E3%83%AB%E3%83%89%E3%83%A1%E3%82%A4%E3%83%B3%E3%82%92%E5%88%B6%E9%99%90%E3%81%99%E3%82%8B HTTP 302
https://b.st-hatena.com/images/users/gif/normal/00000.gif

Request Chain 13

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/09/06/%E3%80%90AWS%E3%80%91RDS/Aurora%E3%81%AE%E8%AA%8D%E8%A8%BC%E6%A9%9F%E9%96%A2/%E3%82%B5%E3%83%BC%E3%83%90%E3%83%BC%E8%A8%BC%E6%98%8E%E6%9B%B8%E3%81%AE%E6%9B%B4%E6%96%B0%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6 HTTP 302
https://b.st-hatena.com/images/users/gif/normal/00000.gif

Request Chain 14

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/07/06/%E3%80%90AWS%E3%80%91%E3%83%91%E3%83%96%E3%83%AA%E3%83%83%E3%82%AF%E3%82%A2%E3%82%AF%E3%82%BB%E3%82%B9%E3%81%A8%E9%9D%99%E7%9A%84Web%E3%83%9B%E3%82%B9%E3%83%86%E3%82%A3%E3%83%B3%E3%82%B0%E3%81%AE%E9%81%95 HTTP 302
https://b.st-hatena.com/images/users/gif/normal/00000.gif

Request Chain 15

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/06/07/%E3%80%90Terraform%E3%80%91%EF%BC%88%E5%88%9D%E5%BF%83%E8%80%85%E5%90%91%E3%81%91%EF%BC%89count%E3%81%A7%E4%BD%9C%E6%88%90%E3%81%97%E3%81%9F%E3%83%AA%E3%82%BD%E3%83%BC%E3%82%B9%E3%82%92output%E3%81%99 HTTP 302
https://b.st-hatena.com/images/users/gif/normal/00000.gif

Request Chain 16

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/06/06/%E3%80%90Terraform%E3%80%91%EF%BC%88%E5%88%9D%E5%BF%83%E8%80%85%E5%90%91%E3%81%91%EF%BC%89for%E3%81%A8for_each%E3%81%AE%E9%81%95%E3%81%84%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6_2 HTTP 302
https://b.st-hatena.com/images/users/gif/normal/00000.gif

Request Chain 17

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/06/05/%E3%80%90Terraform%E3%80%91%EF%BC%88%E5%88%9D%E5%BF%83%E8%80%85%E5%90%91%E3%81%91%EF%BC%89_values%E9%96%A2%E6%95%B0%E3%82%92%E4%BD%BF%E3%81%A3%E3%81%A6%E5%80%A4%E3%81%A0%E3%81%91%E3%82%92%E5%8F%96 HTTP 302
https://b.st-hatena.com/images/users/gif/normal/00000.gif

Request Chain 18

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/06/02/%E3%80%90Terraform%E3%80%91%EF%BC%88%E5%88%9D%E5%BF%83%E8%80%85%E5%90%91%E3%81%91%EF%BC%89_count%E3%82%92%E4%BD%BF%E3%81%A3%E3%81%A6%E7%B9%B0%E3%82%8A%E8%BF%94%E3%81%99 HTTP 302
https://b.st-hatena.com/images/users/gif/normal/00000.gif

Request Chain 19

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/06/01/%E3%80%90Terraform%E3%80%91%EF%BC%88%E5%88%9D%E5%BF%83%E8%80%85%E5%90%91%E3%81%91%EF%BC%89%E5%88%A5%E3%83%AA%E3%83%BC%E3%82%B8%E3%83%A7%E3%83%B3%E3%81%ABAWS%E3%83%AA%E3%82%BD%E3%83%BC%E3%82%B9%E3%82%92 HTTP 302
https://b.st-hatena.com/images/users/gif/normal/00000.gif

Request Chain 90

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCW46TzmgEQsAkYsAkyCCtyDyDi_3UE HTTP 301
https://tpc.googlesyndication.com/simgad/12589505205993449889

Request Chain 101

https://googleads.g.doubleclick.net/pagead/adview?ai=Cxu6WcT93ZfaPKIqogAP876vYCvCIieB0rfHo04ISlKrt2-IQEAEgncWse2CJ88WE9BOgAaHAmPEoyAEJqQIEwq9ztrOCPqgDAcgDywSqBO8BT9A1o6gJWcSsUwb85xMWQKrI_57DY6Eh-aI0iqPjHNfB4yrDu2LqNC2mWnBduJoaGsMn_UuhnMf1wMLcSFTk0qWf1nuNnGOSyh9Yp8WwkjUezh6BkTUlkn2O2CgCHzgaPa9ljP7fafUqTsEbYOV5RNcDtSVChrDV94KXd6OCL14HmUG4qeuUv4jOe8sKZ1XLKT-mAVJ4K5pcngGNvc097f91_zb2EKW2XMt3HqLv8zL_7ekTWOP1NheioO0JtJgRtic4ZPgomiUeHz9SrsOVALaTtwOePgDEUZ_kkss3AOCAiNq1J0oeKy0XRf283yzABMiBxPjIBIgFqKLNyE2SBQQIBBgBkgUECAUYBKAGLoAHtsbb1wSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQ-c4S0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOlj39M-e7YeDA5oJggJodHRwczovL3d3dy50ZW11LmNvbS9qcC9rdWlwZXIvdW4xLmh0bWw_c3Viaj1mZWVkLXVuJl9iZ19mcz0xJl9wX21hdDFfdHlwZT0xJl9wX2p1bXBfaWQ9NzI1Jl94X3ZzdF9zY2VuZT1hZGcmbG9jYWxlX292ZXJyaWRlPTEwMH5qYX5KUFkmZ29vZHNfaWQ9NjAxMDk5NTE1NzIyMTA3Jl9wX3Jmcz0xJl94X2Fkc19zdWJfY2hhbm5lbD1vdGhlciZfeF9hZHNfY2hhbm5lbD1nb29nbGUmX3hfYmdfYWRpZD1nZDIxMzY2NzEtMiZ0b3BpY19jbGFzc2lmeT0xMjSACgHICwGiDBAqDgoM5LSxAu61sQK1uLEC2gwQCgoQgP_Kucnwv98oEgIBA9gTC9AVAYAXAbIXHAoaCAASFHB1Yi0yMzA3MTcxMTU3MDYzNjU4GAA&sigh=10e4tYmShjg&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_v7-8DMWRj1oCUsFkd02V5mnJlckSAj8l0CMCrPIEYW9p7pmOs7ah70Ev1SWXAxL35sdxvv0FdyG92CN5xY9uoyWjNQswGgvKht0YAQ&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x60318b3dacccaf010000000000000000%22,%222%22:%220xc5d199ba04bd29290000000000000000%22,%223%22:%220x50de2f23d3b6dfbb0000000000000000%22,%224%22:%220x2840d8b7eea33ccd0000000000000000%22,%225%22:%220x66c888128e9f4f840000000000000000%22},%22debug_key%22:%225967360984396132983%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2212-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213822468331042200193%22}&andc=true

Request Chain 145

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 146

https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm HTTP 302
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEMhXCrjnQ7fM38RN_3JoXbk&google_cver=1

Request Chain 151

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 174

https://googleads.g.doubleclick.net/pagead/adview?ai=Ccd6ncT93ZeqWKLSp7OsPz9qp2Avy9uLfdIeF_7SLEvi0mP60PxABIJ3FrHtgifPFhPQToAGNpeTuAsgBAqkCltu4SxhXPT6oAwHIA8kEqgTpAU_QIRZyT51zUgcuseiQSMvb0C9_WHHaJmh8Cuym99rbuYiBEdUHRltHHPRDbIgg6V00lFkXx4FeycutFsYz3C5AMUZktojj7p33Qss-qdL2bPkh5TBZuSxFpMUUk6b445sn_2BO_KY-xe01iqLGHHnZSb419w5Abc6YK_kSQAUIjKKuFKVFMA71ZQwCAHjMcUQLInXVP_2wGQ_IUmMVkyceDS1av46ew6xZI9RYhNiEclwwv_C6Z5xCIkRFaAKxjsVrw4A8EgyQcblW4yqLCJdYAogpri5v7i9J4MvCX3XNyzExqtd_SG2SwASt9MLKsQSIBZW04PNIkgUECAQYAZIFBAgFGASgBgKAB9vam5EBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQo80I0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOlih6M-e7YeDA5oJZmh0dHBzOi8vbmFnb21pLWZ1ZG91c2FuLmNvbS9zZW1pbmFyL3N0dWR5Lz91dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWRpc3BsYXkmdXRtX2NhbXBhaWduPXNlbWluYXJCQoAKAcgLAaIMFCoSChDktLEC7rWxArW4sQK7u7EC2gwRCgsQ4JKnzJu63O2TARICAQPYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMjMwNzE3MTE1NzA2MzY1OBgA&sigh=fw_HqGbign0&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNM2kOeo03apGk-1rGDSw591DCLUmJj5TmMAzxfCm67IKFdgJFbpvPjLo2N6X3iRdBx9LRwq0gYZPw30DbTFJt3ZLSjuAdqj-kn7wYAQ&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x52b629da7b8948220000000000000000%22,%222%22:%220x68d376cdf5591bd40000000000000000%22,%223%22:%220x5ae37a1e573c4fa70000000000000000%22,%224%22:%220xea6517d9834e779e0000000000000000%22,%225%22:%220xa1218e95a8c5e1a30000000000000000%22},%22debug_key%22:%2213629875718671580638%22,%22debug_reporting%22:true,%22destination%22:%22https://nagomi-fudousan.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22769200781%22],%224%22:[%2212-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212623257890805427681%22}&andc=true

Request Chain 198

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 200

https://fw.adsafeprotected.com/rfw/bgd/1525516/72173817/xbbe/creative/adj?p=APEucNWccohOKjOnEzYz-D57YpQ--Wvq81XkvBlV6GAKit_bMbFYiE0&d=CokBAKAmf-BUBL2Ur7vBucBKR7YjZHQF6sPmI8D1wQbULOWNSpktvG1P4i6WB0-6uVx1d_MQo7aFs2ZCFKXvBrARL7sIcVfsJKqxm5iV0coiVJJOIykfHhzgLdVdVF9LXDF0ZOBV8sFUj_CfzN2AxRbhzF7ECd_Q8UR_jTo5G_aZgXg9iYEbHbTn3EISiRUAoCZ_4OFeIVgyA2HZlMybtIX8mrSLlq4fdq-I0nTB-uShGhwCU6qWovruQFy4HbCVvwFcTTR0cYB7ltqMqo8LaVjWEhw_UZmMC8g18c0Vgp3o1jvHEo2H5YtBs4XFGJW1m0yyxAiwi3xwV9MoKvN9A-RpXWfAEEoTBN-eM_6t-CY4z1QKT2UcyHYk178Y9iyNepHwvVPGKDG4pCzehKdC0pkE0NF89A9Qcf2-xoUSG87HSZKhoFAO4csUjFVv6XogOGXJKV7J9U9_KlecRrGGdnxpbI_rlxgQm80j3RkJ0LkbpRXW8nzI8V94hFuPrRt6eDIGQnldlFZDk2dPYUO8aTFYesAjRH4ciybVdZyUsKUn366UQlFC-N4_R_DtlN-0th6VStCwW5Bf_hNkecOdSG5jm5fHTnyXNAhTyBPJhijPfIE8h_C-_la6glif3yB70BroZXuPMuxELCfHn6a_gkovc29Q4pAOM0aSSqKenNdOh5sBFVzA_IbeEXKyQ2qZIy9k0SkGwlQBP9XZaepk-Ci7y136Va_BTh3aXWXuYQWswn_vfW-UYFALR_gqg9OeCxh65VQNvMEbhC9cz4M0cisxHEN-UDeQ7n5FE8SUt-DQRmvIMdFGCAH0rkWdYDEAMV625MpU12XR8q1zPxv3mdp-yhrIWmGXe07Je4mIlXfp3Odn7MPFnOLwW-o_BTiPoYgRo8pd85eIp4B1D8asgLGf_x6Iy4rkhY76rWU6gWy4XwV5SXJwU_kHBUsdUqttRe33vP-girvO7ZpQH0y2zriMhS42Jf_BgqzLWVeuvuSI-kp7sQpfQG6ACuFN-Qr1nxVXl1gqzn5tBODykUvUo04P5R0GtGd4ttUx33k-4wxG-eoq1PVMFBTf7qRirZlhOoIgFlw7TUe0w_PNZwg6xWQRwQkPsugM20z3AM7pfOjfoXeWFB6uaP7bCX8xySg-_vgcgqlTzccRlWHEnZ35S2FVrcoww09E2OAH_k_fDRpRCrxDfy0nHf332O_6rexumy9WWf5rrw9l8IuGaag6qCeaupJhPZYPGm2H-FtkyEhuGTNOs03W2Nc0VKkJawXwONe1P7YZb-6gmc6XcmDHsgywGVXIrRg7SYLFk4xHCQBw32A8UxWUSODKC0IQ6vzgmjq1zxcSAY7RYvm2CLUPRsmBG7O4J8sBh2WGwExLfdPEvNI9p13QWMFvUlJKHGt7i_PdqJ8hlCMq91kGqfSkC2pYPx58b2-ZlwNnGDhs8DDZqvpOAGjI-JsQs8tNx895FyXlbgmr9XYjcIZJmCBIe6Rx_mPylxGIpSGr8pvapI7yW9aCdNxKTLBqK2OGMg1iEFCTxFiIHfHHiH2ytVHsiJOtVGP61--xo53evxY-6_JJFSET4356ONvtVPDRA5jxu0kNZYatZQSIufXGzKAXr5umZxofSPmgLZb92NNSgMUnvYkDslVAbrTfIJG-suSqVvkN-mGMrBHTcg1ZC4rhELCyPC9yRMIlbgkv5T-ud1DAf5QAQ3UddG-hefnRMwaVehwtGXRHdTrKIVbpgLqsMJOMpRFq6LImhYOXqAC8deXmmJUzSoJa2xtvYXcpPprzxM07Hrzd2tU0YhrmINno_WT154WpBKxW8hlNnX3xaQqJDh2QXObAfU4TaqovbaFGIyAgun7wjm7TsQG6IvsiwqwkRKr690idv9cwjVDM6koqMG23T6aYydUGto1l1SjRTxOPaqbvHvnyxOeVhNs2QR2uw1CaTLctQV79gM4EcUs1vHeHJwFJDWk5LHFYJiPfwPXSKt2-roGB8fiQW3qUFSDuv4I8VvAXB9lPy-Km6-aEIG0FUfKPMwAycghlGsDEkbpUfYWaDMRHiY6-p96bsyke0wekXtPGPZ7AgyFJG4MZ2PYjgyiIrgM6LzEMaMz2HNcgabOvHBZrbk8v-Hv_nOfkY3iie7xvW-1AjYQUVb12yoFESGp2ZOGUyftiIpqC1bu3UrRZA4jiF-3kZ64uiy7nW_xot6pZ9ZpHF56OPJRk7FKraXzRg6J5uAgFCWWL0Q2Cdtor3sB2Vcmw3SGkcMxnCbPeso3udgAbdot25TgYhTn1QyxtOrhDG_anoeEHAc6HtepRewLtMBzWVM8FG0lH8STkq25kVnZ1nzT1qXR0VRNCkqbdmO-vSj36B-c9gKdby42IjtC7VbGkMzMt1aExIGDjc8DZXqx5FWVPj_0VOj4zZeWK2AchM8LxpI_es627ArnKhPm6c4Lh90-FjXV8jwzrJfdfM42FGu7AP_5fQEdqnVSpXPBRlDZAju9uGnAocdrCHa3vJWrbNj1RD5dFHxXLGll4S6_j-2cnt8iQaCSnfiYpE4gnPyJX6kb0A7Cp0lHCAIGLR6h6LHLaedgcCTN3wacC0pWy-KTM5loFuhvc6eFWDUKgxrNNMPYIrlw4ji-nZrouCGKBUgeJO_R_NzbRQEp9cuSmxX1mnCegxLNcFRFTszGl7sg20MogSDwSkmHcc1Ru0Rcdr-jfBQZfZ4MaFoPSoMAssXKGO-P6edZye19P-RR4XGORCRNXc18zlvg6nWpfDFwZ5R4aGBCp5Z_urMLB6RzbEJ1vAAo7sq3DP6K827Mn3le3A_n7tgDkJ87t3iMK6iXDA4092t6B2GWPRXAgYUm-saO6m96ezmVws8lx5HfBOtl9eXWTXcTaAovOwNwmr13IAlNacB1gsZ5Jdo_unPeLytICH9vrFTrAbjIxG481OovZF2VW4Qqz8n4lssdf_B_plSZ0jqx8_pxiDOmMwkjM7plcajb2MFJogDwome0JR2eZNDwjWbFnEMkMyKBLLYEYLfX1Lfe8hv0WNEf_oe_3dFH8bLBKE9x2LVQfbPnkZs6N6ug9I2aqysVaOkRrurrTtGTjUPOrAmHwcgTXOnfWF-tXXSBvifc55re4TKbZRRRlKKxQBzSgPshrYijBdK2ND8zcKeCizktdfQSo7N4nzfaUbzmTfaKqsLf8ahDFE_jO_GyYjot7h0AH7TclQH5JIlCcZcEzex-ElQbtpr4N8o-ZUH_zX-R63DT11mHcpLLlUoMu6ewTT81Z5FZWUAaf5VdkMKUPrq9SSAbKpj46hfEJLOvv10wSQypPHLh5B8mfauXTI-cwhk9c_Dr6Tn5u4gBCWpfhjgfj-OI3C9-u2qYy408-lMZMAoCZnq3n2WLu91D_NuBj0d48LvP2g9LbS4l-KhDy7dsnT2on_wE_K-sYZ_scH8Fv3ZkR4XtnQVZcyNIjkJIzcRda-4Na5C8IyX8MRSqD6XPinOi5Sdb6kNoRd6pDc_oLRQkK7bL_lj2Zw8Wg-zfQn-AhQ3o1Ssg8sMkzZ2Hz64HnKkeIF1-l3f4tUx4aIuZ4iGs-JjrZ6zR66rlnpj6CrasvEvA48HaqqCLo6g-QArBlhL-MdqoWsOFPaCBgvOsmRO4hIReY1AYU8Kah4mPuVPTLuSkNxAQmv73EdXhfSKGTqmOZTgNo6m65GughbZ6n8wOX1lAo-fKwZzBvPEDmAGvJ92izgboFO2R33waf2__ayDlrqKkm0iZQi6omKhHZH5wyb-_CLsGlhjYRoCJ8pJOseu0aVQgEEk8AyAmmjTNpDnqNN2qRpPtaxg0sOfdQwi1JiY-U5jAM8XwpuuyChXYCRW6bz4y6Njel94kXQcfS0cKtIGGT8N9A20xSbd2S0o7gHao_pJ-8GAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013075760&ias_pubId=&ias_chanId=1&ias_placementId=20268485269&bidurl=https://www.guri2o1667.work/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h5dWBlnwT12IB7WKjA8xbU&adsafe_url=https%3A%2F%2Fwww.guri2o1667.work&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.guri2o1667.work%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231206%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231206%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-2307171157063658%26fa%3D1%26ifi%3D11%26uci%3Da!b%26btvi%3D6&adsafe_type=be&adsafe_jsinfo=,id:4fd613b0-2cd0-73e3-39a5-22b67c82693f,c:wxKSJH,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-74989cd8c9-crbhl,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tY9pp01+11%7C12%7C13%7C14%7C151%7C16%7C171%7C181%7C1911%7C1912%7C1913%7C1a11%7C1a12%7C1b1%7C1b2%7C1c1%7C1d1*.1525516-72173817%7C1d11,idMap:1d1*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:28,oid:5a9ac91c-9846-11ee-8745-2a0f74109bef,v:19.8.464,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWccohOKjOnEzYz-D57YpQ--Wvq81XkvBlV6GAKit_bMbFYiE0&d=CokBAKAmf-BUBL2Ur7vBucBKR7YjZHQF6sPmI8D1wQbULOWNSpktvG1P4i6WB0-6uVx1d_MQo7aFs2ZCFKXvBrARL7sIcVfsJKqxm5iV0coiVJJOIykfHhzgLdVdVF9LXDF0ZOBV8sFUj_CfzN2AxRbhzF7ECd_Q8UR_jTo5G_aZgXg9iYEbHbTn3EISiRUAoCZ_4OFeIVgyA2HZlMybtIX8mrSLlq4fdq-I0nTB-uShGhwCU6qWovruQFy4HbCVvwFcTTR0cYB7ltqMqo8LaVjWEhw_UZmMC8g18c0Vgp3o1jvHEo2H5YtBs4XFGJW1m0yyxAiwi3xwV9MoKvN9A-RpXWfAEEoTBN-eM_6t-CY4z1QKT2UcyHYk178Y9iyNepHwvVPGKDG4pCzehKdC0pkE0NF89A9Qcf2-xoUSG87HSZKhoFAO4csUjFVv6XogOGXJKV7J9U9_KlecRrGGdnxpbI_rlxgQm80j3RkJ0LkbpRXW8nzI8V94hFuPrRt6eDIGQnldlFZDk2dPYUO8aTFYesAjRH4ciybVdZyUsKUn366UQlFC-N4_R_DtlN-0th6VStCwW5Bf_hNkecOdSG5jm5fHTnyXNAhTyBPJhijPfIE8h_C-_la6glif3yB70BroZXuPMuxELCfHn6a_gkovc29Q4pAOM0aSSqKenNdOh5sBFVzA_IbeEXKyQ2qZIy9k0SkGwlQBP9XZaepk-Ci7y136Va_BTh3aXWXuYQWswn_vfW-UYFALR_gqg9OeCxh65VQNvMEbhC9cz4M0cisxHEN-UDeQ7n5FE8SUt-DQRmvIMdFGCAH0rkWdYDEAMV625MpU12XR8q1zPxv3mdp-yhrIWmGXe07Je4mIlXfp3Odn7MPFnOLwW-o_BTiPoYgRo8pd85eIp4B1D8asgLGf_x6Iy4rkhY76rWU6gWy4XwV5SXJwU_kHBUsdUqttRe33vP-girvO7ZpQH0y2zriMhS42Jf_BgqzLWVeuvuSI-kp7sQpfQG6ACuFN-Qr1nxVXl1gqzn5tBODykUvUo04P5R0GtGd4ttUx33k-4wxG-eoq1PVMFBTf7qRirZlhOoIgFlw7TUe0w_PNZwg6xWQRwQkPsugM20z3AM7pfOjfoXeWFB6uaP7bCX8xySg-_vgcgqlTzccRlWHEnZ35S2FVrcoww09E2OAH_k_fDRpRCrxDfy0nHf332O_6rexumy9WWf5rrw9l8IuGaag6qCeaupJhPZYPGm2H-FtkyEhuGTNOs03W2Nc0VKkJawXwONe1P7YZb-6gmc6XcmDHsgywGVXIrRg7SYLFk4xHCQBw32A8UxWUSODKC0IQ6vzgmjq1zxcSAY7RYvm2CLUPRsmBG7O4J8sBh2WGwExLfdPEvNI9p13QWMFvUlJKHGt7i_PdqJ8hlCMq91kGqfSkC2pYPx58b2-ZlwNnGDhs8DDZqvpOAGjI-JsQs8tNx895FyXlbgmr9XYjcIZJmCBIe6Rx_mPylxGIpSGr8pvapI7yW9aCdNxKTLBqK2OGMg1iEFCTxFiIHfHHiH2ytVHsiJOtVGP61--xo53evxY-6_JJFSET4356ONvtVPDRA5jxu0kNZYatZQSIufXGzKAXr5umZxofSPmgLZb92NNSgMUnvYkDslVAbrTfIJG-suSqVvkN-mGMrBHTcg1ZC4rhELCyPC9yRMIlbgkv5T-ud1DAf5QAQ3UddG-hefnRMwaVehwtGXRHdTrKIVbpgLqsMJOMpRFq6LImhYOXqAC8deXmmJUzSoJa2xtvYXcpPprzxM07Hrzd2tU0YhrmINno_WT154WpBKxW8hlNnX3xaQqJDh2QXObAfU4TaqovbaFGIyAgun7wjm7TsQG6IvsiwqwkRKr690idv9cwjVDM6koqMG23T6aYydUGto1l1SjRTxOPaqbvHvnyxOeVhNs2QR2uw1CaTLctQV79gM4EcUs1vHeHJwFJDWk5LHFYJiPfwPXSKt2-roGB8fiQW3qUFSDuv4I8VvAXB9lPy-Km6-aEIG0FUfKPMwAycghlGsDEkbpUfYWaDMRHiY6-p96bsyke0wekXtPGPZ7AgyFJG4MZ2PYjgyiIrgM6LzEMaMz2HNcgabOvHBZrbk8v-Hv_nOfkY3iie7xvW-1AjYQUVb12yoFESGp2ZOGUyftiIpqC1bu3UrRZA4jiF-3kZ64uiy7nW_xot6pZ9ZpHF56OPJRk7FKraXzRg6J5uAgFCWWL0Q2Cdtor3sB2Vcmw3SGkcMxnCbPeso3udgAbdot25TgYhTn1QyxtOrhDG_anoeEHAc6HtepRewLtMBzWVM8FG0lH8STkq25kVnZ1nzT1qXR0VRNCkqbdmO-vSj36B-c9gKdby42IjtC7VbGkMzMt1aExIGDjc8DZXqx5FWVPj_0VOj4zZeWK2AchM8LxpI_es627ArnKhPm6c4Lh90-FjXV8jwzrJfdfM42FGu7AP_5fQEdqnVSpXPBRlDZAju9uGnAocdrCHa3vJWrbNj1RD5dFHxXLGll4S6_j-2cnt8iQaCSnfiYpE4gnPyJX6kb0A7Cp0lHCAIGLR6h6LHLaedgcCTN3wacC0pWy-KTM5loFuhvc6eFWDUKgxrNNMPYIrlw4ji-nZrouCGKBUgeJO_R_NzbRQEp9cuSmxX1mnCegxLNcFRFTszGl7sg20MogSDwSkmHcc1Ru0Rcdr-jfBQZfZ4MaFoPSoMAssXKGO-P6edZye19P-RR4XGORCRNXc18zlvg6nWpfDFwZ5R4aGBCp5Z_urMLB6RzbEJ1vAAo7sq3DP6K827Mn3le3A_n7tgDkJ87t3iMK6iXDA4092t6B2GWPRXAgYUm-saO6m96ezmVws8lx5HfBOtl9eXWTXcTaAovOwNwmr13IAlNacB1gsZ5Jdo_unPeLytICH9vrFTrAbjIxG481OovZF2VW4Qqz8n4lssdf_B_plSZ0jqx8_pxiDOmMwkjM7plcajb2MFJogDwome0JR2eZNDwjWbFnEMkMyKBLLYEYLfX1Lfe8hv0WNEf_oe_3dFH8bLBKE9x2LVQfbPnkZs6N6ug9I2aqysVaOkRrurrTtGTjUPOrAmHwcgTXOnfWF-tXXSBvifc55re4TKbZRRRlKKxQBzSgPshrYijBdK2ND8zcKeCizktdfQSo7N4nzfaUbzmTfaKqsLf8ahDFE_jO_GyYjot7h0AH7TclQH5JIlCcZcEzex-ElQbtpr4N8o-ZUH_zX-R63DT11mHcpLLlUoMu6ewTT81Z5FZWUAaf5VdkMKUPrq9SSAbKpj46hfEJLOvv10wSQypPHLh5B8mfauXTI-cwhk9c_Dr6Tn5u4gBCWpfhjgfj-OI3C9-u2qYy408-lMZMAoCZnq3n2WLu91D_NuBj0d48LvP2g9LbS4l-KhDy7dsnT2on_wE_K-sYZ_scH8Fv3ZkR4XtnQVZcyNIjkJIzcRda-4Na5C8IyX8MRSqD6XPinOi5Sdb6kNoRd6pDc_oLRQkK7bL_lj2Zw8Wg-zfQn-AhQ3o1Ssg8sMkzZ2Hz64HnKkeIF1-l3f4tUx4aIuZ4iGs-JjrZ6zR66rlnpj6CrasvEvA48HaqqCLo6g-QArBlhL-MdqoWsOFPaCBgvOsmRO4hIReY1AYU8Kah4mPuVPTLuSkNxAQmv73EdXhfSKGTqmOZTgNo6m65GughbZ6n8wOX1lAo-fKwZzBvPEDmAGvJ92izgboFO2R33waf2__ayDlrqKkm0iZQi6omKhHZH5wyb-_CLsGlhjYRoCJ8pJOseu0aVQgEEk8AyAmmjTNpDnqNN2qRpPtaxg0sOfdQwi1JiY-U5jAM8XwpuuyChXYCRW6bz4y6Njel94kXQcfS0cKtIGGT8N9A20xSbd2S0o7gHao_pJ-8GAFgAQ&cry=1&bundleId=

Request Chain 204

https://googleads.g.doubleclick.net/pagead/adview?ai=C1hA2cj93ZdvEJJiF7OsPnr27iAvgkLPIdO7p55f5BWQQASCdxax7YInzxYT0E6ABl_2S_wPIAQmpAjnAzZhXYD0-qAMByANKqgTsAU_QrPM0Q8Q17lvNKhr7NnUa4N3Gt5Yuct_BhXFzKrVnfMAQ2NU-KWXOvSpltJDLW_X4_9Ygse_phC_qfCA2SXczTgLxCmwD3u7XD9cn-02uJs-jSrq2ttFbXBromvox61kQ3Ah41m2WnD8T0zmtgmcFMyaxj-TxhliqBb5bw2lIGS8csGSKVQdIb-tX8u6yw70h-NOWZIIvQwhNfA9gdxeq-OBjUAHvcI0nKXvLzI3dOJvNj5DLu2WhL0P_XbCtturjhzSFzpQkI4BmCUsgZSTQ84wZhnQI0Hzlwy3xwhADGLkudAy_NAZbz3PTwATW1pijmwGIBfTZjtgCkgUECAQYAZIFBAgFGASgBi6AB9GCbagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAPIHBBDcmwTSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WPuaiZ_th4MDmglbaHR0cDovL3d3dy50b2t5dS1yZXNvcnQuY28uanAvP2Jhbm5lcl9pZD1vdGhlcl9nZHgwMDAxJnV0bV9tZWRpdW09cGFpZHNlYXJjaCZ1dG1fc291cmNlPWdkeIAKAcgLAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQLaDBAKChCwpoWxi-ftgg0SAgED2BMC0BUBmBYBgBcBshccChoIABIUcHViLTIzMDcxNzExNTcwNjM2NTgYAA&sigh=U3suq_qjb6M&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNoFQuLrM-TjW9aduJuKgq96io563EoNYTORLaHvmDpEjz-GbKJgWDsgc6PZHnOugUjCiskOUDJRgB&template_id=416&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3c5a684a4f422c770000000000000000%22,%222%22:%220x2c622a83c784cc5d0000000000000000%22,%223%22:%220xb9189408d179cbaf0000000000000000%22,%224%22:%220x8d4ac244b8ee28660000000000000000%22,%225%22:%220x39743a595cf0fbac0000000000000000%22},%22debug_key%22:%227878435383495636842%22,%22debug_reporting%22:true,%22destination%22:%22https://tokyu-resort.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221071955607%22],%224%22:[%2212-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225821715775066769249%22}&andc=true

Request Chain 208

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELjcPK3FICqJAMdKdtXkBR4&google_cver=1&google_push=AXcoOmRoVEqF8zvENHlYz7HUkgZHhehk9Z_2uFNqIfB9xWqr7C2xTrkVe26yFrlYWCoCdQJ514ca0lCLKgDTNYxgGPPflH43brT0YkAn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRoVEqF8zvENHlYz7HUkgZHhehk9Z_2uFNqIfB9xWqr7C2xTrkVe26yFrlYWCoCdQJ514ca0lCLKgDTNYxgGPPflH43brT0YkAn&google_hm=eS1JeEI1ZHRsRTJwR2VicGdzVHJfNEtJeHlqVGNLQUNGX35B

Request Chain 209

https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESENGQqc0Lk9kOdVdGFwvBeus&google_cver=1&google_push=AXcoOmRTJQvxQmid9Vr_GYOw-sAS36BIx-K0f1SA8ACMrSKan9aW3jaImDHjwIlshFz8nTlf1PTPAnJ5dhfZDsj1wEOEcE5o-lkMJIww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTc3MzUzMjQyOTA&google_push=AXcoOmRTJQvxQmid9Vr_GYOw-sAS36BIx-K0f1SA8ACMrSKan9aW3jaImDHjwIlshFz8nTlf1PTPAnJ5dhfZDsj1wEOEcE5o-lkMJIww

Request Chain 210

https://s.uuidksinc.net/match/47/?remote_uid=CAESEBLGJAyfRUpPsiMYfnPfNPo&c_param1=AXcoOmRwa7IfmfRcWj3tZpQvUOarXuxJ0EzkmeopMGzk0NiaMfuYOLkwcGx8aIs-HbJH5SYelXy8N_wiwCqppKXxBTuliEgTcbIdc1SS&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRwa7IfmfRcWj3tZpQvUOarXuxJ0EzkmeopMGzk0NiaMfuYOLkwcGx8aIs-HbJH5SYelXy8N_wiwCqppKXxBTuliEgTcbIdc1SS

Request Chain 211

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESECVGMs-hu_t1STTDuW1O3Uw&google_cver=1&google_push=AXcoOmScIXfdYtARxhOWSp3zpg1nACd6sfSstwCmBO4rOTK0owwV3FPqVp_HGwea1rpaLA5OUOUVwo4dmjCwzYNEPB6FcPaIWYVDduxL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmScIXfdYtARxhOWSp3zpg1nACd6sfSstwCmBO4rOTK0owwV3FPqVp_HGwea1rpaLA5OUOUVwo4dmjCwzYNEPB6FcPaIWYVDduxL&google_hm=AfMSQrmLAkVWsvUH8T1SqYE

Request Chain 213

https://sync.gonet-ads.com/match/google?google_gid=CAESEMNPGn9LUey1Y3JlNAyAWoE&google_cver=1&google_push=AXcoOmSdQs7sXnLlzI2K5yAVQDzUW-6_9-7in5L7a0nxmK-gU6jTApITB-HnX5U8IW-GElbM1rCL1qQR55zrZPed95toZgEZeblwvWwk4A HTTP 302
https://sync.gonet-ads.com/match/google?google_gid=CAESEMNPGn9LUey1Y3JlNAyAWoE&google_cver=1&google_push=AXcoOmSdQs7sXnLlzI2K5yAVQDzUW-6_9-7in5L7a0nxmK-gU6jTApITB-HnX5U8IW-GElbM1rCL1qQR55zrZPed95toZgEZeblwvWwk4A&chk=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NGI0ZmNkNTkxYzQ3MDVmZQ&google_push=AXcoOmSdQs7sXnLlzI2K5yAVQDzUW-6_9-7in5L7a0nxmK-gU6jTApITB-HnX5U8IW-GElbM1rCL1qQR55zrZPed95toZgEZeblwvWwk4A HTTP 302
https://sync.gonet-ads.com/match/google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NGI0ZmNkNTkxYzQ3MDVmZQ&google_push= HTTP 302
https://s0.2mdn.net/dot.gif?google_error=5

Request Chain 214

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEMuyryOQZSvPIHAck3GXSYQ&google_cver=1&google_push=AXcoOmRY7wAiZX2yRrAqm3d-FHLuKH2Enab63FQOp5XVOvcqaqwJHETCOKWqgbrlej4h_LShu61Hi6fZ2b_iVHFzl8h3wVQ-4u9vfUyLcQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRY7wAiZX2yRrAqm3d-FHLuKH2Enab63FQOp5XVOvcqaqwJHETCOKWqgbrlej4h_LShu61Hi6fZ2b_iVHFzl8h3wVQ-4u9vfUyLcQ

Request Chain 217

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDo9gKIRqHnEf081LEsKamY&google_cver=1&google_push=AXcoOmQtf696vsDhQDlGDVIWcAmXGSWuHMXniyhcZEGIw5AQIQGcXY4sZNikvh1qdOJRkD-kz1R980lZja68sdB-QuCSvHb5XwZK&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQtf696vsDhQDlGDVIWcAmXGSWuHMXniyhcZEGIw5AQIQGcXY4sZNikvh1qdOJRkD-kz1R980lZja68sdB-QuCSvHb5XwZK%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDo9gKIRqHnEf081LEsKamY&google_cver=1&google_push=AXcoOmQtf696vsDhQDlGDVIWcAmXGSWuHMXniyhcZEGIw5AQIQGcXY4sZNikvh1qdOJRkD-kz1R980lZja68sdB-QuCSvHb5XwZK&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQtf696vsDhQDlGDVIWcAmXGSWuHMXniyhcZEGIw5AQIQGcXY4sZNikvh1qdOJRkD-kz1R980lZja68sdB-QuCSvHb5XwZK%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 218

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESENHu6tEr3zL9I4AY0HEKpZs&google_cver=1&google_push=AXcoOmQAhPMBUwlAmRM9mwyEdPDiRyVwrOIBQxDUtlXGS6TGRbsyLBSIhOUlhn5xIoxRN-p6uQ77uhRxFDfxQNazn20vEElaTNsQFA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQAhPMBUwlAmRM9mwyEdPDiRyVwrOIBQxDUtlXGS6TGRbsyLBSIhOUlhn5xIoxRN-p6uQ77uhRxFDfxQNazn20vEElaTNsQFA&google_hm=emEo71sKRJKWg0UFWDSxQZU

Request Chain 219

https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEG7BXiymSpVKBFnB0-rF6fw&google_cver=1&google_push=AXcoOmTMp1cw29R3ROSQGpdK1iJkGgMJKoxXmPMkoZaqvOfIxetZgyGma48XMrxtfMv7TEYS-Pi8nrvqHUJ23_sLmJ316MZCToQJ8Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WlhjLWM4Q284WGtBQUNEcndDOEFBQUFB HTTP 302
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEG7BXiymSpVKBFnB0-rF6fw&google_cver=1

Request Chain 220

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEKW1rOzxrJOBVvc_9UOpobs&google_cver=1&google_push=AXcoOmTeJhObhCYlh5-oVHadkE-o7-sU2Vw3sgviBgM3Depiiu72WTKUYweuA2pPTDjsbp5jbk39U1W9NniS0Kv9V-OrcRcbS7uBjA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmTeJhObhCYlh5-oVHadkE-o7-sU2Vw3sgviBgM3Depiiu72WTKUYweuA2pPTDjsbp5jbk39U1W9NniS0Kv9V-OrcRcbS7uBjA&google_hm=NTdtR3ZOMDBaQkRHYTAwN0QyNWc

Request Chain 221

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDdLkF0N2WVFuVNEX0Jvw8E&google_cver=1&google_push=AXcoOmQ6uCwHe1spE0fi_t-fbocRCFV7G9YxmwAgV4vT7vJ-8mD6A1s_1tX9uPNO5FmhX17NXKJwrEJUvL6Q2gqiYoTGqOdGk2MG HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ6uCwHe1spE0fi_t-fbocRCFV7G9YxmwAgV4vT7vJ-8mD6A1s_1tX9uPNO5FmhX17NXKJwrEJUvL6Q2gqiYoTGqOdGk2MG&google_hm=eS1fbkNTc1hkRTJwRTZZUi5KSEVvNENnYzdYM2RCY29nUH5B

Request Chain 222

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFsH8y-VvSCHM1jpmQrW5hk&google_cver=1&google_push=AXcoOmQx_xNDXlSc_4uwf8ykQmtXVrnoGOnt2afhQbmRhf6qke-miKgKJo03yYBZkVGi9HrIDnOicApFtbU8KwMD6fhQdh1EJhdH HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFsH8y-VvSCHM1jpmQrW5hk&google_cver=1&google_push=AXcoOmQx_xNDXlSc_4uwf8ykQmtXVrnoGOnt2afhQbmRhf6qke-miKgKJo03yYBZkVGi9HrIDnOicApFtbU8KwMD6fhQdh1EJhdH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkwNTAwMzgyNjE2OTc3NDY0Nw&google_push=AXcoOmQx_xNDXlSc_4uwf8ykQmtXVrnoGOnt2afhQbmRhf6qke-miKgKJo03yYBZkVGi9HrIDnOicApFtbU8KwMD6fhQdh1EJhdH

Request Chain 223

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECck-k1yrS_SoPcHlNwNQOo&google_cver=1&google_push=AXcoOmQVF025b-SSoQrdy9j0706wY_U-MltfnAShirvFPEktmLKdv7-a-7VkzHJKsGjEbv3rFWY-5skXy229yyt0Vrg4qnRqQnD9lxU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZWI5OGJmN2EtMmIwZS00NWViLTk0NWEtOTJkZWM3NGYzNDEx&google_push=AXcoOmQVF025b-SSoQrdy9j0706wY_U-MltfnAShirvFPEktmLKdv7-a-7VkzHJKsGjEbv3rFWY-5skXy229yyt0Vrg4qnRqQnD9lxU HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 232

https://googleads.g.doubleclick.net/pagead/adview?ai=CpG4Ycj93ZeqNIqjUs8IP8KelyAifkZPsbqDGrqr3EKuhstHrARABIJ3FrHtgifPFhPQToAH9lf-YKcgBCakCltu4SxhXPT6oAwHIA8sEqgT8AU_Q_ocBaoMQfjm7fy889PmYrZe390L7cY06MSvLnYT-kQga7lbo0HXI1N3aFsWwNq4Wt0izoie-R_e9Mal1r2gKqnaE7KAeFScrTjNGts2aS-_fCulFJuyyqgXyA1bqSosEOSgZUIxM_AZ3EGaetVI6Am0q6u1RDbUt48FgguK5bNwL_rMWjDfvA7vTcx_Bk0hOA-0IMMyedpSKiDtR1aRoxSxeOw67COVfBvVY0UuZO9wGUGefM7rWjPXx6LgTsdumY4qvUv9nYzJyko20YCD9LqNnpwgLgWhQtrUm490rJ2H2BqzjxnBMtKCcGVJ5cJA3WDxOhXuU-gzPccAEmdHU06wEiAX8lKuaSZIFBAgEGAGSBQQIBRgEoAYugAf9zc_4A6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEJDeA9IIHwiAYRABGB8yAooCOgSAQIBASL39wTpYxOyGn-2HgwOaCRtodHRwczovL2JpYmkucGxheWRvaC5jby5qcC-ACgHICwGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbEC2gwQCgoQ4LCj64iOrrwEEgIBA7gT5APYEw3QFQGAFwGyFxwKGggAEhRwdWItMjMwNzE3MTE1NzA2MzY1OBgA&sigh=yLwQGOyeluU&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNXgE1NMErR1_kDA61rNRuhNgRahLDBj4AggY5alkarzio-mUkvNKEumu3Vi8eufLSyYnPWeVquhgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x63f3e84993bd306c0000000000000000%22,%222%22:%220x1d486d7e7c89145e0000000000000000%22,%223%22:%220xa6ad635db171d8110000000000000000%22,%224%22:%220x24cafc5d2b9db6d20000000000000000%22,%225%22:%220xc3fddf839696507c0000000000000000%22},%22debug_key%22:%224095886813077987612%22,%22debug_reporting%22:true,%22destination%22:%22https://playdoh.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211058268925%22],%224%22:[%2212-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223701501522826895697%22}&andc=true

Request Chain 239

https://googleads.g.doubleclick.net/pagead/adview?ai=Cl7pVcj93ZffxIcTJs8IPzOiywAvszMPUdK3tnYKcEomQx8a0EBABIJ3FrHtgifPFhPQToAG-9_T9AsgBCakCltu4SxhXPT6oAwHIA8sEqgToAU_QNHamdFVxCOOrVvGyWJhDWwBCaCGGF_GFQc-5QzkG7AvjKSLsPxaaHKsCplSpipoLxfoI46kNXMUEya7Fx0DTC_kw1ZDKCPBAL1GFIn8I8VjEKhWN91PFX04UDkzvleZAoGwQDBKp6A5ji0C7J29_AarSOCxYo-YZpBOp-AGpwWEj62nk0Nl4PEp_p9rE9GBta0fyu8NCF7uvu6hW03F2zM1N7k47dDo0-CFVgjSlg20S68_PsPGZSBGDqCZTS-fHzpmePrnmEU8dw26nUTNW3SkzScPiBCIewdK3eMZOvRelRZpypZPABLyI-YbaBIgF6bzL0k2gBi6AB6qIi4IBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ5r4E0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOlikz4af7YeDA5oJiQFodHRwczovL3d3dy5hbWF6b24uY28uanAvZXZlbnRzL21vbnRobHlkZWFsZXZlbnQ_dGFnPXhjbWFkbncxMDUwMjAzMi0yMiZyZWZfPUZZMjNfRUFfUTRfSG9saWRheUREQV9Ib2xpZGF5U2FsZV9HRE5fU3RhX0xVX1VwcGVyX0RpcmVjdF9HUIAKAcgLAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQLaDBAKChCwmv33u5fPm0sSAgEDuBPkA9gTA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi0yMzA3MTcxMTU3MDYzNjU4GACyGAMiAQA&sigh=BwAZTGCkUpM&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaN8TLYQzAoVsAWvzJUf68fRNT9SW5U424JTlzEJslVgacbQfKn8tIju0yaeU-fN1RAHbNicAZE6xgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2499ac6dcb32859a0000000000000000%22,%222%22:%220x54918845ec2777c50000000000000000%22,%223%22:%220x4ff2b6df6245ae6b0000000000000000%22,%224%22:%220x22a143e5ad9ca5580000000000000000%22,%225%22:%220x71a08538988ca0990000000000000000%22},%22debug_key%22:%22318458811305628865%22,%22debug_reporting%22:true,%22destination%22:%22https://amazon.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22800930750%22],%224%22:[%2212-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22913775139292922369%22}&andc=true

282 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.guri2o1667.work/
Redirect Chain

http://www.guri2o1667.work/
https://www.guri2o1667.work/

89 KB
13 KB

27ms
11ms

Document
text/html

35.75.255.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guri2o1667.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.75.255.9 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-75-255-9.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

4ee691c0ed9dc28f508438369376bd2ea84c6abdc0944e049e0de060aa720a1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 8039
cache-control: private
content-encoding: gzip
content-length: 13025
content-security-policy-report-only: block-all-mixed-content; report-uri https://blog.hatena.ne.jp/api/csp_report
content-type: text/html; charset=utf-8
date: Mon, 11 Dec 2023 16:57:21 GMT
p3p: CP="OTI CUR OUR BUS STA"
server: nginx
vary: Accept-Encoding X-Epic-Device-Type,X-Epic-Flag-Variants,Accept-Encoding
via: 1.1 varnish (Varnish/7.1)
x-cache: HIT
x-cache-only-varnish: 1
x-content-type-options: nosniff
x-dispatch: Hatena::Epic::Web::Blogs::Index#index
x-frame-options: DENY
x-proxy-revision: 9f07f2f
x-revision: 9f07f2fa593dfd37f929a685ab685f
x-runtime: 0.138109
x-varnish: 191076021 185953124
x-xss-protection: 1

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Mon, 11 Dec 2023 16:57:21 GMT
Location: https://www.guri2o1667.work/
Server: nginx
X-Proxy-Revision: 9f07f2f

GET
H2 200 20191204111316.jpg
cdn-ak.f.st-hatena.com/images/fotolife/g/guri2o1667/20191204/ 309 KB
309 KB 39ms
14ms Image
image/jpeg 23.39.217.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-ak.f.st-hatena.com/images/fotolife/g/guri2o1667/20191204/20191204111316.jpg
Requested by: Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.2 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-2.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e9023ce1e3d834c06a764552ae51723ca05a7d0681d60f51d9c3e5195526fcbd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: xaw3uDb0t5vQNJUTYV0D3UarutVsrAOZ
date: Mon, 11 Dec 2023 16:57:21 GMT
last-modified: Wed, 04 Dec 2019 02:13:17 GMT
server: AmazonS3
x-amz-request-id: JDRHSP0JP0KM7M7Y
etag: "5ccf62649f114d894c7c8d2393f7848e"
content-type: image/jpeg
cache-control: public, max-age=0, s-maxage=86400
accept-ranges: bytes
content-length: 315932
x-amz-id-2: bPhVizejK3ouCgvDFzSSqZ9+S99ZjAp+cjX0EK3Ic0AA+YMgUJsPwBy8amyrmuo0aN75MU+JF/Y=

GET
H2 200 https%3A%2F%2Fcdn.user.blog.st-hatena.com%2Fdefault_entry_og_image%2F155556443%2F1577149123954569
cdn.image.st-hatena.com/image/scale/19d6fc2eb35e0aa230545f7ede47fb8193f6bfc9/backend=imager;height=500;quality=80;version=1;width=500/ 22 KB
22 KB 31ms
7ms Image
image/jpeg 23.39.217.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.image.st-hatena.com/image/scale/19d6fc2eb35e0aa230545f7ede47fb8193f6bfc9/backend=imager;height=500;quality=80;version=1;width=500/https%3A%2F%2Fcdn.user.blog.st-hatena.com%2Fdefault_entry_og_image%2F155556443%2F1577149123954569
Requested by: Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.2 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-2.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 917c5375ec6dcfbc7383eef12fe411343dccf9adc6730e70995d693c671a37d9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/jpeg
x-runtime: 0.103539
date: Mon, 11 Dec 2023 16:57:21 GMT
cache-control: max-age=1109524
content-length: 22396
expires: Sun, 24 Dec 2023 13:09:25 GMT

GET
H2 200 blog.css
cdn.blog.st-hatena.com/css/ 62 KB
12 KB 36ms
13ms Stylesheet
text/css 23.39.217.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.blog.st-hatena.com/css/blog.css?version=9f07f2fa593dfd37f929a685ab685f
Requested by: Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.2 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-2.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e339b397e7b2ac0d2da5cdfe960dd7901fff4e054bb6c11e9959e81c0cb9519a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: Ev59oJX8XrACw3wiJSJA_G8vtW1mC335
content-encoding: gzip
date: Mon, 11 Dec 2023 16:57:21 GMT
x-amz-request-id: 0GMB7BA99SP50V2R
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 9f07f2fa593dfd37f929a685ab685fa3ad2030b2
x-amz-meta-branch: staging/master
content-length: 12063
x-amz-id-2: nIeAE42XZoEHiKLISy4guZg53pZPjuHcmvqYRFxRwgybpiBgCJJsH7Nx019OmIFEQmb3Vihf4Vw=
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
x-proxy-revision: a1bd249
etag: "5294af9862d63413b31fe32f1bf66652"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=579754
accept-ranges: bytes
expires: Mon, 18 Dec 2023 09:59:55 GMT

GET
H2 200 a54b43af40abf2cfd7d0c7eea6e1e57697215c06
usercss.blog.st-hatena.com/blog_style/26006613473222614/ 33 KB
8 KB 85ms
7ms Stylesheet
text/css 23.204.139.144
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://usercss.blog.st-hatena.com/blog_style/26006613473222614/a54b43af40abf2cfd7d0c7eea6e1e57697215c06

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.139.144 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-204-139-144.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

db2132ac28b5d234208606c72db2b5a6de02e406638a2707c73b635e1b31ba50

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 11 Dec 2023 16:57:21 GMT
content-security-policy-report-only: block-all-mixed-content; report-uri https://blog.hatena.ne.jp/api/csp_report
x-dispatch: Hatena::Epic::Web::UserCss#default
p3p: CP="OTI CUR OUR BUS STA"
x-revision: 9f07f2fa593dfd37f929a685ab685f
content-length: 7781
x-xss-protection: 1
x-runtime: 0.026981
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
x-proxy-revision: 9f07f2f
etag: W/"58473d07b672c4b58c2d5781173215b35149d2cb"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=579965, s-maxage=315360000
expires: Mon, 18 Dec 2023 10:03:26 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
51 KB 119ms
75ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e64db28d2c53c932f4b0100853662076601e137f9ff0fef6fddb64310f247494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52016
x-xss-protection: 0
server: cafe
etag: 6697473706299824291
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 16:57:21 GMT

GET
H2

200

00000.gif
b.st-hatena.com/images/users/gif/normal/
Redirect Chain

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/12/08/%E3%80%90Github%E3%80%91GitHub_Enterprise_Server_%E3%81%A8_GitHub_Enterprise_Cloud_%E3%81%AE%E9%81%95%E3%81%84%E3%81%...
https://b.st-hatena.com/images/users/gif/normal/00000.gif

43 B
485 B

31ms
3ms

Image
image/gif

65.9.42.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.st-hatena.com/images/users/gif/normal/00000.gif

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Server

65.9.42.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-42-68.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 02:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Thu, 05 May 2011 15:12:44 GMT
server: nginx
x-amz-cf-pop: NRT12-C5
age: 9209001
etag: "07fff40b5dd495aca2ac4e1c3fbc60aa"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=31536000
content-length: 43
x-amz-cf-id: S_6Qa6Q3ycesfPPuw-_uN8NAgGFx0BJhzt5lelr02kGQR6BLedONIQ==
expires: Mon, 26 Aug 2024 02:54:00 GMT

Redirect headers

date: Mon, 11 Dec 2023 16:57:21 GMT
via: 1.1 e2880d2d728b87f682842f2e2f05968c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
x-amz-cf-pop: NRT57-P4
x-cache: Miss from cloudfront
location: https://b.st-hatena.com/images/users/gif/normal/00000.gif
cache-control: public, max-age=3600, s-maxage=3600
content-length: 0
x-amz-cf-id: cpQkDkk_N9Cy-qyirCnhZ5FFa72Nt6fYoYa6UAZe0--PYvN0LprZEw==

GET
H2

200

00000.gif
b.st-hatena.com/images/users/gif/normal/
Redirect Chain

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/11/21/%E3%80%90Docker%E3%80%91Dockerfile%E3%81%A7%E8%A8%98%E8%BF%B0%E3%81%99%E3%82%8BARG%E3%81%A8ENV%E3%81%AE%E9%81%95%E3%8...
https://b.st-hatena.com/images/users/gif/normal/00000.gif

43 B
486 B

32ms
4ms

Image
image/gif

65.9.42.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.st-hatena.com/images/users/gif/normal/00000.gif

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Server

65.9.42.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-42-68.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 02:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Thu, 05 May 2011 15:12:44 GMT
server: nginx
x-amz-cf-pop: NRT12-C5
age: 9209001
etag: "07fff40b5dd495aca2ac4e1c3fbc60aa"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=31536000
content-length: 43
x-amz-cf-id: g0_f8vlUYBml6E2fcHIrwNDwZcWZYCiGqPoi7wYX5WGvD1xX-Uptmw==
expires: Mon, 26 Aug 2024 02:54:00 GMT

Redirect headers

date: Mon, 11 Dec 2023 16:57:21 GMT
via: 1.1 e2880d2d728b87f682842f2e2f05968c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
x-amz-cf-pop: NRT57-P4
x-cache: Miss from cloudfront
location: https://b.st-hatena.com/images/users/gif/normal/00000.gif
cache-control: public, max-age=3600, s-maxage=3600
content-length: 0
x-amz-cf-id: uLU0FrJ2CEAOxwPvJj_yD70n7tt2FyJCZX-8pP-RczQm35Y_qok7IQ==

GET
H2

200

00000.gif
b.st-hatena.com/images/users/gif/normal/
Redirect Chain

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/11/21/%E3%80%90Github%E3%80%91%E3%83%97%E3%83%AB%E3%83%AA%E3%82%AF%E3%82%A8%E3%82%B9%E3%83%88%E3%81%AE%E3%83%9E%E3%83%BC%E3...
https://b.st-hatena.com/images/users/gif/normal/00000.gif

43 B
484 B

4ms
4ms

Image
image/gif

65.9.42.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.st-hatena.com/images/users/gif/normal/00000.gif

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Server

65.9.42.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-42-68.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 02:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Thu, 05 May 2011 15:12:44 GMT
server: nginx
x-amz-cf-pop: NRT12-C5
age: 9209001
etag: "07fff40b5dd495aca2ac4e1c3fbc60aa"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=31536000
content-length: 43
x-amz-cf-id: nrGU9pPe4SMv54uvBhsIQwzn1pib6uzSijwmW1YwILQ7Mcis11e0tg==
expires: Mon, 26 Aug 2024 02:54:00 GMT

Redirect headers

date: Mon, 11 Dec 2023 16:57:21 GMT
via: 1.1 e2880d2d728b87f682842f2e2f05968c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
x-amz-cf-pop: NRT57-P4
x-cache: Miss from cloudfront
location: https://b.st-hatena.com/images/users/gif/normal/00000.gif
cache-control: public, max-age=3600, s-maxage=3600
content-length: 0
x-amz-cf-id: AagpZJ21ebO5tngYJMpDMzp87KhF8mriLjBStz-4Rj4rNz49nRsslg==

GET
H2

200

00000.gif
b.st-hatena.com/images/users/gif/normal/
Redirect Chain

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/11/15/%E3%80%90Docker%E3%80%91Dockerfile%E3%81%A7%E8%A8%98%E8%BF%B0%E3%81%99%E3%82%8BRUN%E3%81%A8CMD%E3%81%A8ENTRYPOINT%E3%...
https://b.st-hatena.com/images/users/gif/normal/00000.gif

43 B
484 B

4ms
3ms

Image
image/gif

65.9.42.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.st-hatena.com/images/users/gif/normal/00000.gif

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Server

65.9.42.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-42-68.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 02:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Thu, 05 May 2011 15:12:44 GMT
server: nginx
x-amz-cf-pop: NRT12-C5
age: 9209001
etag: "07fff40b5dd495aca2ac4e1c3fbc60aa"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=31536000
content-length: 43
x-amz-cf-id: LbFWxyiuKsiLg9cFtD-G159Bea5ixO6iqsX5DCrqtpKCK2gt-igkEQ==
expires: Mon, 26 Aug 2024 02:54:00 GMT

Redirect headers

date: Mon, 11 Dec 2023 16:57:21 GMT
via: 1.1 e2880d2d728b87f682842f2e2f05968c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
x-amz-cf-pop: NRT57-P4
x-cache: Miss from cloudfront
location: https://b.st-hatena.com/images/users/gif/normal/00000.gif
cache-control: public, max-age=3600, s-maxage=3600
content-length: 0
x-amz-cf-id: UoO2oNnUjPrEpRdh1giDAKQY9rat3Ovq749qvz3fAmssfK_hP8-YAA==

GET
H2

200

00000.gif
b.st-hatena.com/images/users/gif/normal/
Redirect Chain

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/11/15/%E3%80%90Terraform%E3%80%91%EF%BC%88%E5%88%9D%E5%BF%83%E8%80%85%E5%90%91%E3%81%91%EF%BC%89%E3%82%88%E3%81%8F%E4%BD%BF...
https://b.st-hatena.com/images/users/gif/normal/00000.gif

43 B
485 B

3ms
3ms

Image
image/gif

65.9.42.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.st-hatena.com/images/users/gif/normal/00000.gif

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Server

65.9.42.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-42-68.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 02:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Thu, 05 May 2011 15:12:44 GMT
server: nginx
x-amz-cf-pop: NRT12-C5
age: 9209001
etag: "07fff40b5dd495aca2ac4e1c3fbc60aa"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=31536000
content-length: 43
x-amz-cf-id: tB3Fh0FAnfvsDPQ2rw54Wjck-P9ZBpgs9NW8QHNU7ELA1MHcQj4rPg==
expires: Mon, 26 Aug 2024 02:54:00 GMT

Redirect headers

date: Mon, 11 Dec 2023 16:57:21 GMT
via: 1.1 e2880d2d728b87f682842f2e2f05968c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
x-amz-cf-pop: NRT57-P4
x-cache: Miss from cloudfront
location: https://b.st-hatena.com/images/users/gif/normal/00000.gif
cache-control: public, max-age=3600, s-maxage=3600
content-length: 0
x-amz-cf-id: VyDg_cOlrIg9l0jg6FA7rmUBMLS22Vo5rRIy0EsMQOTdlE5U9RwGmw==

GET
H2

200

00001.gif
b.st-hatena.com/images/users/gif/normal/
Redirect Chain

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/11/10/%E3%80%90Terraform%E3%80%91%EF%BC%88%E5%88%9D%E5%BF%83%E8%80%85%E5%90%91%E3%81%91%EF%BC%89%E3%82%88%E3%81%8F%E4%BD%BF...
https://b.st-hatena.com/images/users/gif/normal/00001.gif

116 B
560 B

4ms
4ms

Image
image/gif

65.9.42.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.st-hatena.com/images/users/gif/normal/00001.gif

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Server

65.9.42.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-42-68.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

5aaa06aa0bab819b01c71ea806a54c9c00f01668de382c9e014e93c75863a460

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 15:03:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Thu, 05 May 2011 15:12:45 GMT
server: nginx
x-amz-cf-pop: NRT12-C5
age: 9424437
etag: "88dd66fce0fc3f0cde1a542f9fd7e597"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=31536000
content-length: 116
x-amz-cf-id: pfwe13VApyZ1Iu2utjrwcK7tYHxEYd9K-Sd6jb1ZyGAilHtXq-golA==
expires: Fri, 23 Aug 2024 15:03:24 GMT

Redirect headers

date: Mon, 11 Dec 2023 16:57:21 GMT
via: 1.1 e2880d2d728b87f682842f2e2f05968c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
x-amz-cf-pop: NRT57-P4
x-cache: Miss from cloudfront
location: https://b.st-hatena.com/images/users/gif/normal/00001.gif
cache-control: public, max-age=3600, s-maxage=3600
content-length: 0
x-amz-cf-id: DbK-fA4fhOwx357_nTP2mR5x_EQCmg2AEE3OduPyXOdYmavKgjWZ9Q==

GET
H2

200

00001.gif
b.st-hatena.com/images/users/gif/normal/
Redirect Chain

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/11/07/%E3%80%90Github%E3%80%91JWT%EF%BC%88JSON_Web_Token%EF%BC%89%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6
https://b.st-hatena.com/images/users/gif/normal/00001.gif

116 B
562 B

4ms
3ms

Image
image/gif

65.9.42.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.st-hatena.com/images/users/gif/normal/00001.gif

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Server

65.9.42.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-42-68.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

5aaa06aa0bab819b01c71ea806a54c9c00f01668de382c9e014e93c75863a460

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 15:03:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Thu, 05 May 2011 15:12:45 GMT
server: nginx
x-amz-cf-pop: NRT12-C5
age: 9424437
etag: "88dd66fce0fc3f0cde1a542f9fd7e597"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=31536000
content-length: 116
x-amz-cf-id: bRTyFAMtm2QyPBkMYFmgQYhiv_njVWmhJnkjOfRoEZ5jUVX9cuz6WA==
expires: Fri, 23 Aug 2024 15:03:24 GMT

Redirect headers

date: Mon, 11 Dec 2023 16:57:21 GMT
via: 1.1 e2880d2d728b87f682842f2e2f05968c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
x-amz-cf-pop: NRT57-P4
x-cache: Miss from cloudfront
location: https://b.st-hatena.com/images/users/gif/normal/00001.gif
cache-control: public, max-age=3600, s-maxage=3600
content-length: 0
x-amz-cf-id: 6TJR6oF7wEA1p_FmmsyIx4-ejtGW5ZcHHMHnyBf0BjQD0PKbtG5NiQ==

GET
H2

200

00000.gif
b.st-hatena.com/images/users/gif/normal/
Redirect Chain

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/10/01/%E3%80%90AWS%E3%80%91SES%E3%81%A7%E5%AE%9B%E5%85%88%E3%83%A1%E3%83%BC%E3%83%AB%E3%83%89%E3%83%A1%E3%82%A4%E3%83%B3%E3...
https://b.st-hatena.com/images/users/gif/normal/00000.gif

43 B
486 B

5ms
5ms

Image
image/gif

65.9.42.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.st-hatena.com/images/users/gif/normal/00000.gif

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Server

65.9.42.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-42-68.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 02:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Thu, 05 May 2011 15:12:44 GMT
server: nginx
x-amz-cf-pop: NRT12-C5
age: 9209001
etag: "07fff40b5dd495aca2ac4e1c3fbc60aa"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=31536000
content-length: 43
x-amz-cf-id: wKK7mOJkxuqEA7mDL3I4pMXS8_rkdqmofPCyDm8X4uIAb2NqgLVLrQ==
expires: Mon, 26 Aug 2024 02:54:00 GMT

Redirect headers

date: Mon, 11 Dec 2023 16:57:21 GMT
via: 1.1 e2880d2d728b87f682842f2e2f05968c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
x-amz-cf-pop: NRT57-P4
x-cache: Miss from cloudfront
location: https://b.st-hatena.com/images/users/gif/normal/00000.gif
cache-control: public, max-age=3600, s-maxage=3600
content-length: 0
x-amz-cf-id: Ot2-AVbpB99zfQiwGvunPIGFoWfoSqEs_AxONaqPBOCWVHqLXoLiBw==

GET
H2

200

00000.gif
b.st-hatena.com/images/users/gif/normal/
Redirect Chain

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/09/06/%E3%80%90AWS%E3%80%91RDS/Aurora%E3%81%AE%E8%AA%8D%E8%A8%BC%E6%A9%9F%E9%96%A2/%E3%82%B5%E3%83%BC%E3%83%90%E3%83%BC%E8%...
https://b.st-hatena.com/images/users/gif/normal/00000.gif

43 B
484 B

5ms
5ms

Image
image/gif

65.9.42.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.st-hatena.com/images/users/gif/normal/00000.gif

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Server

65.9.42.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-42-68.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 02:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Thu, 05 May 2011 15:12:44 GMT
server: nginx
x-amz-cf-pop: NRT12-C5
age: 9209001
etag: "07fff40b5dd495aca2ac4e1c3fbc60aa"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=31536000
content-length: 43
x-amz-cf-id: qMIoR8aeagOTtEV-7Ha1tqG5vgXKNiL8uZ9c2luzcQNSUDEjJpi_xA==
expires: Mon, 26 Aug 2024 02:54:00 GMT

Redirect headers

date: Mon, 11 Dec 2023 16:57:21 GMT
via: 1.1 e2880d2d728b87f682842f2e2f05968c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
x-amz-cf-pop: NRT57-P4
x-cache: Miss from cloudfront
location: https://b.st-hatena.com/images/users/gif/normal/00000.gif
cache-control: public, max-age=3600, s-maxage=3600
content-length: 0
x-amz-cf-id: IxNnuvC73Ub4ORVdj5AwzvyONXnsFDZZisq_iI-9hJMI4EB9eXx6_Q==

GET
H2

200

00000.gif
b.st-hatena.com/images/users/gif/normal/
Redirect Chain

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/07/06/%E3%80%90AWS%E3%80%91%E3%83%91%E3%83%96%E3%83%AA%E3%83%83%E3%82%AF%E3%82%A2%E3%82%AF%E3%82%BB%E3%82%B9%E3%81%A8%E9%9D...
https://b.st-hatena.com/images/users/gif/normal/00000.gif

43 B
485 B

5ms
4ms

Image
image/gif

65.9.42.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.st-hatena.com/images/users/gif/normal/00000.gif

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Server

65.9.42.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-42-68.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 02:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Thu, 05 May 2011 15:12:44 GMT
server: nginx
x-amz-cf-pop: NRT12-C5
age: 9209001
etag: "07fff40b5dd495aca2ac4e1c3fbc60aa"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=31536000
content-length: 43
x-amz-cf-id: wN3LodndnghilqcPMPANFV7XXBWq-O2p9enMDEDJCyWTmH-7mua7kA==
expires: Mon, 26 Aug 2024 02:54:00 GMT

Redirect headers

date: Mon, 11 Dec 2023 16:57:21 GMT
via: 1.1 e2880d2d728b87f682842f2e2f05968c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
x-amz-cf-pop: NRT57-P4
x-cache: Miss from cloudfront
location: https://b.st-hatena.com/images/users/gif/normal/00000.gif
cache-control: public, max-age=3600, s-maxage=3600
content-length: 0
x-amz-cf-id: ksuSJavob6U5AlnUpl70HRdY80uMfYvKwAgqZEcFaIMxVtPYSNeW4g==

GET
H2

200

00000.gif
b.st-hatena.com/images/users/gif/normal/
Redirect Chain

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/06/07/%E3%80%90Terraform%E3%80%91%EF%BC%88%E5%88%9D%E5%BF%83%E8%80%85%E5%90%91%E3%81%91%EF%BC%89count%E3%81%A7%E4%BD%9C%E6%...
https://b.st-hatena.com/images/users/gif/normal/00000.gif

43 B
485 B

5ms
5ms

Image
image/gif

65.9.42.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.st-hatena.com/images/users/gif/normal/00000.gif

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Server

65.9.42.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-42-68.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 02:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Thu, 05 May 2011 15:12:44 GMT
server: nginx
x-amz-cf-pop: NRT12-C5
age: 9209001
etag: "07fff40b5dd495aca2ac4e1c3fbc60aa"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=31536000
content-length: 43
x-amz-cf-id: ZKqYZnaGdX9i416j0clVeu34EjJYthTaU7IYj2MEUUo5F69oy-7yNA==
expires: Mon, 26 Aug 2024 02:54:00 GMT

Redirect headers

date: Mon, 11 Dec 2023 16:57:21 GMT
via: 1.1 e2880d2d728b87f682842f2e2f05968c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
x-amz-cf-pop: NRT57-P4
x-cache: Miss from cloudfront
location: https://b.st-hatena.com/images/users/gif/normal/00000.gif
cache-control: public, max-age=3600, s-maxage=3600
content-length: 0
x-amz-cf-id: Vph5NDPUUe6POmnIkxJQDaS1CPzcIbJ4QSNsMHdnNePNYteTCHTxyw==

GET
H2

200

00000.gif
b.st-hatena.com/images/users/gif/normal/
Redirect Chain

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/06/06/%E3%80%90Terraform%E3%80%91%EF%BC%88%E5%88%9D%E5%BF%83%E8%80%85%E5%90%91%E3%81%91%EF%BC%89for%E3%81%A8for_each%E3%81%...
https://b.st-hatena.com/images/users/gif/normal/00000.gif

43 B
484 B

5ms
4ms

Image
image/gif

65.9.42.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.st-hatena.com/images/users/gif/normal/00000.gif

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Server

65.9.42.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-42-68.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 02:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Thu, 05 May 2011 15:12:44 GMT
server: nginx
x-amz-cf-pop: NRT12-C5
age: 9209001
etag: "07fff40b5dd495aca2ac4e1c3fbc60aa"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=31536000
content-length: 43
x-amz-cf-id: saxoLfZu8XWp7n3dol2E1r0v6j-VxJ2x9AZ26uKkvlO3c4jcjucr6Q==
expires: Mon, 26 Aug 2024 02:54:00 GMT

Redirect headers

date: Mon, 11 Dec 2023 16:57:21 GMT
via: 1.1 e2880d2d728b87f682842f2e2f05968c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
x-amz-cf-pop: NRT57-P4
x-cache: Miss from cloudfront
location: https://b.st-hatena.com/images/users/gif/normal/00000.gif
cache-control: public, max-age=3600, s-maxage=3600
content-length: 0
x-amz-cf-id: tBcyZmz_HCU9CQoXGJiKOcDFZUgss0btnl4G031Wjvv6mCNFmtOrLw==

GET
H2

200

00000.gif
b.st-hatena.com/images/users/gif/normal/
Redirect Chain

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/06/05/%E3%80%90Terraform%E3%80%91%EF%BC%88%E5%88%9D%E5%BF%83%E8%80%85%E5%90%91%E3%81%91%EF%BC%89_values%E9%96%A2%E6%95%B0%E...
https://b.st-hatena.com/images/users/gif/normal/00000.gif

43 B
485 B

5ms
5ms

Image
image/gif

65.9.42.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.st-hatena.com/images/users/gif/normal/00000.gif

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Server

65.9.42.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-42-68.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 02:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Thu, 05 May 2011 15:12:44 GMT
server: nginx
x-amz-cf-pop: NRT12-C5
age: 9209001
etag: "07fff40b5dd495aca2ac4e1c3fbc60aa"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=31536000
content-length: 43
x-amz-cf-id: udyGyN3MKuXxrFdfNarVoYi31FO-PtiWSJMw1g6eZ4bHJWH5NcL7lw==
expires: Mon, 26 Aug 2024 02:54:00 GMT

Redirect headers

date: Mon, 11 Dec 2023 16:57:21 GMT
via: 1.1 e2880d2d728b87f682842f2e2f05968c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
x-amz-cf-pop: NRT57-P4
x-cache: Miss from cloudfront
location: https://b.st-hatena.com/images/users/gif/normal/00000.gif
cache-control: public, max-age=3600, s-maxage=3600
content-length: 0
x-amz-cf-id: hXpI8gxrKRwEROG8MKXtfTzhLZYuO1l18D5FZX50T_L5BOZscQXDxA==

GET
H2

200

00000.gif
b.st-hatena.com/images/users/gif/normal/
Redirect Chain

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/06/02/%E3%80%90Terraform%E3%80%91%EF%BC%88%E5%88%9D%E5%BF%83%E8%80%85%E5%90%91%E3%81%91%EF%BC%89_count%E3%82%92%E4%BD%BF%E3...
https://b.st-hatena.com/images/users/gif/normal/00000.gif

43 B
485 B

5ms
5ms

Image
image/gif

65.9.42.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.st-hatena.com/images/users/gif/normal/00000.gif

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Server

65.9.42.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-42-68.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 02:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Thu, 05 May 2011 15:12:44 GMT
server: nginx
x-amz-cf-pop: NRT12-C5
age: 9209001
etag: "07fff40b5dd495aca2ac4e1c3fbc60aa"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=31536000
content-length: 43
x-amz-cf-id: WPLTsROvkGsG7UKNotPXW0VZ32NeLoZ5R5akHCPE2mqS7B_62Nh87g==
expires: Mon, 26 Aug 2024 02:54:00 GMT

Redirect headers

date: Mon, 11 Dec 2023 16:57:21 GMT
via: 1.1 e2880d2d728b87f682842f2e2f05968c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
x-amz-cf-pop: NRT57-P4
x-cache: Miss from cloudfront
location: https://b.st-hatena.com/images/users/gif/normal/00000.gif
cache-control: public, max-age=3600, s-maxage=3600
content-length: 0
x-amz-cf-id: EImZiB0BfTL_WS80SUoP-16myVTEq__YiShVdRkraLJKL8hinCeHlQ==

GET
H2

200

00000.gif
b.st-hatena.com/images/users/gif/normal/
Redirect Chain

https://b.hatena.ne.jp/entry/image/https://www.guri2o1667.work/entry/2023/06/01/%E3%80%90Terraform%E3%80%91%EF%BC%88%E5%88%9D%E5%BF%83%E8%80%85%E5%90%91%E3%81%91%EF%BC%89%E5%88%A5%E3%83%AA%E3%83%BC...
https://b.st-hatena.com/images/users/gif/normal/00000.gif

43 B
484 B

6ms
5ms

Image
image/gif

65.9.42.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.st-hatena.com/images/users/gif/normal/00000.gif

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Server

65.9.42.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-42-68.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 02:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Thu, 05 May 2011 15:12:44 GMT
server: nginx
x-amz-cf-pop: NRT12-C5
age: 9209001
etag: "07fff40b5dd495aca2ac4e1c3fbc60aa"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=31536000
content-length: 43
x-amz-cf-id: TuzllgN5-j70In2iWsQh-7TaX9cP9Q1EbS9lf-fBUFtl1d9ypqvzlg==
expires: Mon, 26 Aug 2024 02:54:00 GMT

Redirect headers

date: Mon, 11 Dec 2023 16:57:21 GMT
via: 1.1 e2880d2d728b87f682842f2e2f05968c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
x-amz-cf-pop: NRT57-P4
x-cache: Miss from cloudfront
location: https://b.st-hatena.com/images/users/gif/normal/00000.gif
cache-control: public, max-age=3600, s-maxage=3600
content-length: 0
x-amz-cf-id: vqzwRooHRgnNSjpM9jSuYGiYwmm_tiUVE5zOlkN8mPIIvdlGtM5Mag==

GET
H2 200 cse.js Show response
cse.google.com/ 6 KB
3 KB 166ms
72ms Script
text/javascript 2404:6800:4004:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=00426b123350705ff

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e277619f8d239724e45cb95422f6ebbbf82216623c4957f325ac0131c8ae9746

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-Bx2zw9TgFWDNeFrm7re-EA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-Bx2zw9TgFWDNeFrm7re-EA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding: br
date: Mon, 11 Dec 2023 16:57:21 GMT
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2403
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=

GET
H2 200 profile.png
cdn.profile-image.st-hatena.com/users/guri2o1667/ 4 KB
4 KB 19ms
1ms Image
image/png 23.51.130.131
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.profile-image.st-hatena.com/users/guri2o1667/profile.png?1575427862
Requested by: Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.130.131 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-130-131.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a353cb8723c7c8ac771ce2fb660bd4dc1544b720a00a779ac4b7ec780cc41798

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:21 GMT
last-modified: Wed, 04 Dec 2019 02:51:02 GMT
server: AmazonS3
x-amz-request-id: C164329DF4E7CF6B
etag: "8f9877865d269f090b94b0eafeacddf6"
content-type: image/png
accept-ranges: bytes
content-length: 4088
x-amz-id-2: QU6njyslBF3MZoU899zF5UUZa1UTew8jioLC8cDfYNohD1gfI1fLO0wYnHyo7ogBYoo2X5qT5SI=

GET
H/1.1 404
Not Found ranking.js
rws.a8.net/rakuten/ 0
0 23ms
4ms Script
text/html 54.249.88.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rws.a8.net/rakuten/ranking.js
Requested by: Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.249.88.200 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-249-88-200.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 run_prettify.js Show response
cdn.rawgit.com/google/code-prettify/master/loader/ 1 KB
1 KB 18ms
2ms Script
text/html 2400:52e0:1501::1146:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rawgit.com/google/code-prettify/master/loader/run_prettify.js
Requested by: Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1501::1146:1 , Japan, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-JP1-1146 /
Resource Hash: 5cacb85b4381eb68337b97be6929fc2c7d2e87ee2caefe34c9f91733ee131032

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:21 GMT
server: BunnyCDN-JP1-1146
cdn-requestpullcode: 200
cdn-edgestorageid: 1065
vary: Accept-Encoding
cdn-cache: HIT
cdn-proxyver: 1.04
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=2592000
cdn-cachedat: 11/30/2023 17:51:48
cdn-pullzone: 201235
cdn-requestid: ae289961e92f4909170839da45d8a7a5
cdn-requestcountrycode: JP
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 quote-x-icon.svg
cdn.blog.st-hatena.com/images/admin/quote/ 547 B
876 B 15ms
13ms Image
image/svg+xml 23.39.217.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.blog.st-hatena.com/images/admin/quote/quote-x-icon.svg?version=9f07f2fa593dfd37f929a685ab685f
Requested by: Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.2 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-2.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c67367f76b00e1f99eb8ae2c294ba0b030ecf37a82a8e33f4e5d3a2fa8a0fcc2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: oxuR1E8MMpHzDQMEJO4VyWxCPLnxqsrC
content-encoding: gzip
date: Mon, 11 Dec 2023 16:57:21 GMT
x-amz-request-id: 0GM5Q0M878CWTNM6
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 9f07f2fa593dfd37f929a685ab685fa3ad2030b2
x-amz-meta-branch: staging/master
content-length: 415
x-amz-id-2: xpXnq8gpzZHYKBbag78Mj0Sw0jvmLbavEHwVzj7aFmWUWc7yUC5PiqvSLGz6ROvPSQMZ2deRkEM=
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
x-proxy-revision: 9f07f2f
etag: "20f24850f44441c12662f7a42774eaa0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=579778
accept-ranges: bytes
expires: Mon, 18 Dec 2023 10:00:19 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 21ms
2ms Script
application/javascript 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (tkb/73EB) /
Resource Hash: 25ddd86f5287d140be6921358b86bc0577b4e434dc0c92adf5537b07f8a7692a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 16:57:21 GMT
Content-Encoding: gzip
Age: 1093
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27594
Last-Modified: Fri, 08 Dec 2023 15:37:51 GMT
Server: ECS (tkb/73EB)
Etag: "f97cd33462674ffa90e36fef4d921711+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H2 200 bookmark_button.js Show response
b.st-hatena.com/js/ 6 KB
3 KB 4ms
3ms Script
application/x-javascript 65.9.42.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.st-hatena.com/js/bookmark_button.js

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.42.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-42-68.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

f09d9fdc476c87ca8574c34d19241af3fd93226d85f6b0048e36760c07984fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
date: Sun, 10 Dec 2023 19:17:42 GMT
last-modified: Wed, 29 Nov 2023 07:08:15 GMT
server: nginx
x-amz-cf-pop: NRT12-C5
age: 77979
etag: W/"6566e35f-1990"
x-cache: Hit from cloudfront
content-type: application/x-javascript
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=86400
x-amz-cf-id: sOYzsLSLTa_Hy7VqM6m2tTl9Mv8W8K0S-8leKTjZ7aBD9VeZ1P86NQ==
expires: Mon, 11 Dec 2023 19:17:42 GMT

GET
H2 200 jquery.min.js Show response
cdn.blog.st-hatena.com/js/external/ 95 KB
33 KB 16ms
9ms Script
text/javascript 23.39.217.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.blog.st-hatena.com/js/external/jquery.min.js?v=1.12.4&version=9f07f2fa593dfd37f929a685ab685f
Requested by: Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.2 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-2.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: yAmw1krHBHjvmX133avr1PBhPFcIVaEW
content-encoding: gzip
date: Mon, 11 Dec 2023 16:57:21 GMT
x-amz-request-id: STXBXT5EWABCBM03
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 9f07f2fa593dfd37f929a685ab685fa3ad2030b2
x-amz-meta-branch: staging/master
content-length: 33651
x-amz-id-2: xQjgKu+IQOPxL8qr3bzamzWySwWwiAtkPcU9k0voOkeKzQ7hfW2J2hGLXOrBLHyyi/g2n50jm7o=
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
x-proxy-revision: 9f07f2f
etag: "6867b57517fa3acbb4a6617af3242a7b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=579706
accept-ranges: bytes
expires: Mon, 18 Dec 2023 09:59:07 GMT

GET
H2 200 texts-ja.js Show response
cdn.blog.st-hatena.com/js/ 63 KB
12 KB 18ms
12ms Script
text/javascript 23.39.217.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.blog.st-hatena.com/js/texts-ja.js?version=9f07f2fa593dfd37f929a685ab685f
Requested by: Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.2 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-2.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d56f6a42842264430022d01f0343c6066af3aec6ba636170e1ba9ea9d065601a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: .pe4HUwlWNJhxyOdSbGqnZ8.P_LXlKEG
content-encoding: gzip
date: Mon, 11 Dec 2023 16:57:21 GMT
x-amz-request-id: STXF9YBBKMJB8MB8
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 9f07f2fa593dfd37f929a685ab685fa3ad2030b2
x-amz-meta-branch: staging/master
content-length: 12052
x-amz-id-2: ld9C4jWxvbki6YpjWelBnl38XYcgliNn1ngq6FFYmw5wdpCzos3MAlg9B6SOloYG8N6awZmR1DAOTUjC9Ng1bw==
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
x-proxy-revision: a1bd249
etag: "4038f5958136123c30af3925009390ff"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=579766
accept-ranges: bytes
expires: Mon, 18 Dec 2023 10:00:07 GMT

GET
H2 200 vendors.js Show response
cdn.blog.st-hatena.com/js/ 302 KB
95 KB 15ms
7ms Script
text/javascript 23.39.217.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.blog.st-hatena.com/js/vendors.js?version=9f07f2fa593dfd37f929a685ab685f
Requested by: Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.2 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-2.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 19f56ca9d412087eb5ae89db713651f31128fa8fe0c9ce23024ccb5ca961cab7

Request headers

Referer: https://www.guri2o1667.work/
Origin: https://www.guri2o1667.work
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: RbGk_6.tEg7Y56yq1PSDbExWX_qNYJ_a
content-encoding: gzip
date: Mon, 11 Dec 2023 16:57:21 GMT
x-amz-request-id: STXEAR2WAEXSF61T
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 9f07f2fa593dfd37f929a685ab685fa3ad2030b2
x-amz-meta-branch: staging/master
content-length: 96639
x-amz-id-2: v5VfXlPt994EPV6IeBb97EJXwu6zwDfL1OHngvgnW5uvwdzvOzyqpR8MjW5kIlsjymTWthWl9Qo=
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
x-proxy-revision: a1bd249
etag: "61fa7fbb180e1fbb6bcbcab93de6f6ab"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=579736
accept-ranges: bytes
expires: Mon, 18 Dec 2023 09:59:37 GMT

GET
H2 200 commons.js Show response
cdn.blog.st-hatena.com/js/ 49 KB
17 KB 11ms
3ms Script
text/javascript 23.39.217.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.blog.st-hatena.com/js/commons.js?version=9f07f2fa593dfd37f929a685ab685f
Requested by: Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.2 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-2.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7355e1f782629cafdcbd09838b35dd5d7163f330cff8f141d5bc82eb962432d1

Request headers

Referer: https://www.guri2o1667.work/
Origin: https://www.guri2o1667.work
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: n7Uu6xRvXqk7ooWfLv1mpz7OOb_5EzH1
content-encoding: gzip
date: Mon, 11 Dec 2023 16:57:21 GMT
x-amz-request-id: STXAM5PCP98RAD91
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 9f07f2fa593dfd37f929a685ab685fa3ad2030b2
x-amz-meta-branch: staging/master
content-length: 16924
x-amz-id-2: 7u85Hp3rNHE0KiGjBDNKonhNT48LV+v4UblETrXNVyz0EZ1f1gfX6p9KaUiNHp6qMpmYy3uN37M=
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
x-proxy-revision: 9f07f2f
etag: "72ad36fa262620b9990963b8d2ccbf32"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=579716
accept-ranges: bytes
expires: Mon, 18 Dec 2023 09:59:17 GMT

GET
H2 200 hatenablog.js Show response
cdn.blog.st-hatena.com/js/ 83 KB
28 KB 13ms
6ms Script
text/javascript 23.39.217.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.blog.st-hatena.com/js/hatenablog.js?version=9f07f2fa593dfd37f929a685ab685f
Requested by: Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.2 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-2.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 69e0f73481c4fc661536e0a2bd0d67f71e51d31c44d66819ba59b72df89c6c30

Request headers

Referer: https://www.guri2o1667.work/
Origin: https://www.guri2o1667.work
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: twqG2jfFwJD4Fb8bwYfKJALfdAcGk_if
content-encoding: gzip
date: Mon, 11 Dec 2023 16:57:21 GMT
x-amz-request-id: STX4RKGHPJMNE4AZ
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 9f07f2fa593dfd37f929a685ab685fa3ad2030b2
x-amz-meta-branch: staging/master
content-length: 28385
x-amz-id-2: e5a7UBfBwrfxwzCVyMy03g5K2grVhN93Xy+R5tLOqQYrj5oJ6cNIhRS1m0nhlf8Bz/ya+ZQKb1c=
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
x-proxy-revision: a1bd249
etag: "2347646e75b7120c3817e66ab19dba92"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=579778
accept-ranges: bytes
expires: Mon, 18 Dec 2023 10:00:19 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 300 KB
94 KB 117ms
73ms Script
application/javascript 2404:6800:4004:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P4CXTW

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f41108f4257f9e6bd87a14fb2a9839b9b95ae795587ccf886c459c7b88088e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96235
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Dec 2023 16:57:21 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 192 KB
70 KB 95ms
51ms Script
application/javascript 2404:6800:4004:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KK8LTRM

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

87277aaa92757cf877a29c7a4e50e92977967d84296ba121693dd3a9e7ff39ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71088
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Dec 2023 16:57:21 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
6 KB 29ms
9ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: usercss.blog.st-hatena.com
URL: https://usercss.blog.st-hatena.com/blog_style/26006613473222614/a54b43af40abf2cfd7d0c7eea6e1e57697215c06

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://usercss.blog.st-hatena.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 900
age: 578158
cdn-cachedat: 06/19/2022 18:25:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"0831cba6a670e405168b84aa20798347"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 66ac7f1f05c61626ba7dafac5eb99b46
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 833f4423bccbafcf-NRT
cdn-requestpullsuccess: True

GET
H2 200 search@2x.png
cdn.blog.st-hatena.com/images/theme/ 679 B
1 KB 14ms
6ms Image
image/png 23.39.217.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.blog.st-hatena.com/images/theme/search@2x.png?version=9f07f2fa593dfd37f929a685ab685f
Requested by: Host: usercss.blog.st-hatena.com
URL: https://usercss.blog.st-hatena.com/blog_style/26006613473222614/a54b43af40abf2cfd7d0c7eea6e1e57697215c06
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.2 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-2.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a88b433671650f26461340ca7a0632469bb8a9b18399dd457d7a50131d360c6c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://usercss.blog.st-hatena.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: oiIbVkKTXauTds60cSPY2FAzVfBk6JA2
content-encoding: gzip
date: Mon, 11 Dec 2023 16:57:21 GMT
x-amz-request-id: ZJHW5MP7W7VR64PC
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 9f07f2fa593dfd37f929a685ab685fa3ad2030b2
x-amz-meta-branch: staging/master
content-length: 684
x-amz-id-2: t9Hoeyn7f/tksW5sv3/RSHsZhVhmOFGot1w/jPMCvxv6VzTRUY1dDKH2j6p1QC5wVQTN5mCGj6c=
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
x-proxy-revision: a1bd249
etag: "867b103f2393d8e84ee402f8df9b1135"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=579720
accept-ranges: bytes
expires: Mon, 18 Dec 2023 09:59:21 GMT

GET
H2 200 badge-type-pro.svg
cdn.blog.st-hatena.com/images/common/ 819 B
930 B 15ms
6ms Image
image/svg+xml 23.39.217.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.blog.st-hatena.com/images/common/badge-type-pro.svg?version=9f07f2fa593dfd37f929a685ab685f
Requested by: Host: cdn.blog.st-hatena.com
URL: https://cdn.blog.st-hatena.com/css/blog.css?version=9f07f2fa593dfd37f929a685ab685f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.2 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-2.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 05cfca54c38609923c19fcef8f4a646c1dd3386b813e6213539e35294c8a1f49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.blog.st-hatena.com/css/blog.css?version=9f07f2fa593dfd37f929a685ab685f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: pTnnfdFHZk.bff7tEhNbOBtovvqGr12I
content-encoding: gzip
date: Mon, 11 Dec 2023 16:57:21 GMT
x-amz-request-id: ZJHST7K3XHX5VXY7
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 9f07f2fa593dfd37f929a685ab685fa3ad2030b2
x-amz-meta-branch: staging/master
content-length: 469
x-amz-id-2: yjQlLPX68uvz4RRiiPhFnDvH6RsRUNXs/K2Z78oGKWpR0VIX+2zcLovm6sZP6QwSoOz60irBRb8=
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
x-proxy-revision: a1bd249
etag: "714b12bd9b992547963adb75b6c79c7b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=579778
accept-ranges: bytes
expires: Mon, 18 Dec 2023 10:00:19 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ 63 KB
64 KB 16ms
8ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Origin: https://www.guri2o1667.work
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 852
age: 3434095
cdn-cachedat: 10/31/2023 18:51:56
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 64464
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "4b5a84aaf1c9485e060c503a0ff8cadb"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 1dac76bcd99c8db3f09808d13cbbd484
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 833f4423ea132627-NRT
cdn-requestpullsuccess: True

GET
H2 200 sdk.js Show response
connect.facebook.net/ja_JP/ 3 KB
3 KB 11ms
2ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ja_JP/sdk.js

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dbe71671fbca7351a07ac00012c6cbb7826ee6f6f56a22d4f590963049ab7062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 11 Dec 2023 16:57:21 GMT
content-md5: R0CUWjVGFOgm5vBMi7uesQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints
x-fb-debug: qLxrpwpxe1DVWuTgZGa9AWjhLvBT6fz+oYR4CuBAjMs/8PpFPk4BjTnDSAEBT9UcoIkBJ1g+6t75JfcP6BAaTA==
x-fb-content-md5: 7d19e2a42204667bf4ba35540c4fe301
cross-origin-opener-policy: same-origin-allow-popups
etag: "09bec861285e81b88e7c750170b2c54c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Mon, 11 Dec 2023 17:06:47 GMT

GET
H2 200 blogs Show response
blog.hatena.ne.jp/-/globalheader/ffffff/333333/ Frame 26EB 14 KB
5 KB 33ms
19ms Document
text/html 13.115.18.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.hatena.ne.jp/-/globalheader/ffffff/333333/blogs?device=pc&brand=pro

Requested by

Host: cdn.blog.st-hatena.com
URL: https://cdn.blog.st-hatena.com/js/commons.js?version=9f07f2fa593dfd37f929a685ab685f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.115.18.61 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-115-18-61.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

798a26038b6f8dd808dda747c0052934a9be85811cc11e08f7c884de11b4c5ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.guri2o1667.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-security-policy-report-only: block-all-mixed-content; report-uri https://blog.hatena.ne.jp/api/csp_report
content-type: text/html; charset=utf-8
date: Mon, 11 Dec 2023 16:57:21 GMT
etag: W/"dab11157c6197d5615191fe11b745dea469a6162"
p3p: CP="OTI CUR OUR BUS STA"
server: nginx
vary: Accept-Encoding Accept-Language,Cookie,Accept-Encoding
x-content-type-options: nosniff
x-dispatch: Hatena::Epic::Web::Admin::GlobalHeader#globalheader
x-proxy-revision: 9f07f2f
x-revision: 9f07f2fa593dfd37f929a685ab685f
x-runtime: 0.006557
x-xss-protection: 1

GET
H3 200 sdk.js Show response
connect.facebook.net/ja_JP/ 303 KB
87 KB 7ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ja_JP/sdk.js?hash=691a27e238ebc1259ada7f2bc2548806

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

77d574590b409180314935d629700f5e8246fa54508775d5d27fad3c442ddcab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.guri2o1667.work/
Origin: https://www.guri2o1667.work
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 11 Dec 2023 16:57:21 GMT
content-md5: bBP+4wmMAxp4DNx7o6WSRA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88512
reporting-endpoints
x-fb-debug: hvyku0fhRp0mKejw6p0WHUu7wAub/NeOfMrLf57h7nL3e9cYiisxjEw4yuwdSpiRTf62fTAvOmkxlg5kC3vWIg==
x-fb-content-md5: 5fdb32f69ad04af656d5d906b6e0762c
cross-origin-opener-policy: same-origin-allow-popups
etag: "644af9a9c4fd6554e586262403a33277"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Tue, 10 Dec 2024 14:12:01 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 398 KB
135 KB 66ms
65ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9100a4fb469925bd483ee7987356ff4fbdf859439560918345e0bdcd0942ce08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137691
x-xss-protection: 0
server: cafe
etag: 12662132480623079491
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 16:57:21 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame CA11 9 KB
4 KB 80ms
1ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guri2o1667.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 33523
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 07:38:38 GMT
etag: 5585625838579639069
expires: Mon, 25 Dec 2023 07:38:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 log Show response
blog.hatena.ne.jp/api/ 0
609 B 40ms
40ms XHR
text/plain 13.115.18.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.hatena.ne.jp/api/log?uri=https%3A%2F%2Fwww.guri2o1667.work%2F&referer=&_=1702313841320

Requested by

Host: cdn.blog.st-hatena.com
URL: https://cdn.blog.st-hatena.com/js/vendors.js?version=9f07f2fa593dfd37f929a685ab685f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.115.18.61 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-115-18-61.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

Accept: */*
Referer: https://www.guri2o1667.work/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-runtime: 0.029264
date: Mon, 11 Dec 2023 16:57:21 GMT
x-content-type-options: nosniff
server: nginx
x-proxy-revision: 9f07f2f
vary: Accept-Language, Cookie
content-security-policy-report-only: block-all-mixed-content; report-uri https://blog.hatena.ne.jp/api/csp_report
p3p: CP="OTI CUR OUR BUS STA"
access-control-allow-origin: https://www.guri2o1667.work
x-dispatch: Hatena::Epic::Web::Admin::Api#log
cache-control: private
access-control-allow-credentials: true
x-frame-options: DENY
x-revision: 9f07f2fa593dfd37f929a685ab685f
x-xss-protection: 1

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 56ms
48ms Script
text/javascript 2404:6800:4004:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: cdn.blog.st-hatena.com
URL: https://cdn.blog.st-hatena.com/js/hatenablog.js?version=9f07f2fa593dfd37f929a685ab685f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b9b06bd00738f4a68b4399de586c337caa1a3b68b1fe1617fd406292c901c078

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=ja for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 11 Dec 2023 16:57:21 GMT

GET
H/1.1 200
OK widget_iframe.979019d93e57e124a0ac3dd81bd32027.html Show response
platform.twitter.com/widgets/ Frame A818 319 KB
104 KB 2ms
2ms Document
text/html 2606:2800:248:2f:1d8a:787:dc7:17df
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.979019d93e57e124a0ac3dd81bd32027.html?origin=https%3A%2F%2Fwww.guri2o1667.work
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (tkb/730B) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: https://www.guri2o1667.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 263877
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Mon, 11 Dec 2023 16:57:21 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Fri, 08 Dec 2023 15:37:03 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (tkb/730B)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 globalheader.css
cdn.blog.st-hatena.com/css/ Frame 26EB 24 KB
5 KB 5ms
3ms Stylesheet
text/css 23.39.217.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.blog.st-hatena.com/css/globalheader.css?version=9f07f2fa593dfd37f929a685ab685f
Requested by: Host: blog.hatena.ne.jp
URL: https://blog.hatena.ne.jp/-/globalheader/ffffff/333333/blogs?device=pc&brand=pro
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.2 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-2.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e8929f781dc20a7ca7048c2263b63c41f715f4c7345386c444991533d4972668

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.hatena.ne.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: D7ka6y4jPsP2ss7k5XEusUtLFsW47Wuy
content-encoding: gzip
date: Mon, 11 Dec 2023 16:57:21 GMT
x-amz-request-id: STX7G8JHQDXFZCAF
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 9f07f2fa593dfd37f929a685ab685fa3ad2030b2
x-amz-meta-branch: staging/master
content-length: 4977
x-amz-id-2: o9s3UYiS6Rl61sW1Zy0vJMAIVambhGDnjxzfrWhQ77Bl0si2o5x+AJsq5sV7WMF0odF4Sjpa8Bx8JBSdQ7ur3A==
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
x-proxy-revision: 9f07f2f
etag: "0cc10952842386cf80bbce81e6c086bb"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=579766
accept-ranges: bytes
expires: Mon, 18 Dec 2023 10:00:07 GMT

GET
H2 200 bookmark_button.js Show response
b.st-hatena.com/js/ Frame 26EB 6 KB
3 KB 5ms
4ms Script
application/x-javascript 65.9.42.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.st-hatena.com/js/bookmark_button.js

Requested by

Host: blog.hatena.ne.jp
URL: https://blog.hatena.ne.jp/-/globalheader/ffffff/333333/blogs?device=pc&brand=pro

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.42.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-42-68.nrt12.r.cloudfront.net

Software

nginx /

Resource Hash

f09d9fdc476c87ca8574c34d19241af3fd93226d85f6b0048e36760c07984fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.hatena.ne.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
date: Sun, 10 Dec 2023 19:17:42 GMT
last-modified: Wed, 29 Nov 2023 07:08:15 GMT
server: nginx
x-amz-cf-pop: NRT12-C5
age: 77979
etag: W/"6566e35f-1990"
x-cache: Hit from cloudfront
content-type: application/x-javascript
access-control-allow-origin: https://b.hatena.ne.jp
cache-control: max-age=86400
x-amz-cf-id: pr6LV01pwFOHVnHPo6v7o2OqgLY4QbuGdD9pr0eOb3HroVatoTuXQQ==
expires: Mon, 11 Dec 2023 19:17:42 GMT

GET
H2 200 jquery.min.js Show response
cdn.blog.st-hatena.com/js/external/ Frame 26EB 95 KB
33 KB 5ms
4ms Script
text/javascript 23.39.217.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.blog.st-hatena.com/js/external/jquery.min.js?v=1.12.4&version=9f07f2fa593dfd37f929a685ab685f
Requested by: Host: blog.hatena.ne.jp
URL: https://blog.hatena.ne.jp/-/globalheader/ffffff/333333/blogs?device=pc&brand=pro
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.2 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-2.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.hatena.ne.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: yAmw1krHBHjvmX133avr1PBhPFcIVaEW
content-encoding: gzip
date: Mon, 11 Dec 2023 16:57:21 GMT
x-amz-request-id: STXBXT5EWABCBM03
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 9f07f2fa593dfd37f929a685ab685fa3ad2030b2
x-amz-meta-branch: staging/master
content-length: 33651
x-amz-id-2: xQjgKu+IQOPxL8qr3bzamzWySwWwiAtkPcU9k0voOkeKzQ7hfW2J2hGLXOrBLHyyi/g2n50jm7o=
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
x-proxy-revision: 9f07f2f
etag: "6867b57517fa3acbb4a6617af3242a7b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=579706
accept-ranges: bytes
expires: Mon, 18 Dec 2023 09:59:07 GMT

GET
H2 200 texts-ja.js Show response
cdn.blog.st-hatena.com/js/ Frame 26EB 63 KB
12 KB 6ms
5ms Script
text/javascript 23.39.217.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.blog.st-hatena.com/js/texts-ja.js?version=9f07f2fa593dfd37f929a685ab685f
Requested by: Host: blog.hatena.ne.jp
URL: https://blog.hatena.ne.jp/-/globalheader/ffffff/333333/blogs?device=pc&brand=pro
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.2 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-2.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d56f6a42842264430022d01f0343c6066af3aec6ba636170e1ba9ea9d065601a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.hatena.ne.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: .pe4HUwlWNJhxyOdSbGqnZ8.P_LXlKEG
content-encoding: gzip
date: Mon, 11 Dec 2023 16:57:21 GMT
x-amz-request-id: STXF9YBBKMJB8MB8
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 9f07f2fa593dfd37f929a685ab685fa3ad2030b2
x-amz-meta-branch: staging/master
content-length: 12052
x-amz-id-2: ld9C4jWxvbki6YpjWelBnl38XYcgliNn1ngq6FFYmw5wdpCzos3MAlg9B6SOloYG8N6awZmR1DAOTUjC9Ng1bw==
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
x-proxy-revision: a1bd249
etag: "4038f5958136123c30af3925009390ff"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=579766
accept-ranges: bytes
expires: Mon, 18 Dec 2023 10:00:07 GMT

GET
H2 200 vendors.js Show response
cdn.blog.st-hatena.com/js/ Frame 26EB 302 KB
95 KB 22ms
21ms Script
text/javascript 23.39.217.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.blog.st-hatena.com/js/vendors.js?version=9f07f2fa593dfd37f929a685ab685f
Requested by: Host: blog.hatena.ne.jp
URL: https://blog.hatena.ne.jp/-/globalheader/ffffff/333333/blogs?device=pc&brand=pro
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.2 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-2.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 19f56ca9d412087eb5ae89db713651f31128fa8fe0c9ce23024ccb5ca961cab7

Request headers

Referer: https://blog.hatena.ne.jp/
Origin: https://blog.hatena.ne.jp
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: RbGk_6.tEg7Y56yq1PSDbExWX_qNYJ_a
content-encoding: gzip
date: Mon, 11 Dec 2023 16:57:21 GMT
x-amz-request-id: STXEAR2WAEXSF61T
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 9f07f2fa593dfd37f929a685ab685fa3ad2030b2
x-amz-meta-branch: staging/master
content-length: 96639
x-amz-id-2: v5VfXlPt994EPV6IeBb97EJXwu6zwDfL1OHngvgnW5uvwdzvOzyqpR8MjW5kIlsjymTWthWl9Qo=
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
x-proxy-revision: a1bd249
etag: "61fa7fbb180e1fbb6bcbcab93de6f6ab"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=579736
accept-ranges: bytes
expires: Mon, 18 Dec 2023 09:59:37 GMT

GET
H2 200 commons.js Show response
cdn.blog.st-hatena.com/js/ Frame 26EB 49 KB
17 KB 5ms
4ms Script
text/javascript 23.39.217.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.blog.st-hatena.com/js/commons.js?version=9f07f2fa593dfd37f929a685ab685f
Requested by: Host: blog.hatena.ne.jp
URL: https://blog.hatena.ne.jp/-/globalheader/ffffff/333333/blogs?device=pc&brand=pro
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.2 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-2.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7355e1f782629cafdcbd09838b35dd5d7163f330cff8f141d5bc82eb962432d1

Request headers

Referer: https://blog.hatena.ne.jp/
Origin: https://blog.hatena.ne.jp
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: n7Uu6xRvXqk7ooWfLv1mpz7OOb_5EzH1
content-encoding: gzip
date: Mon, 11 Dec 2023 16:57:21 GMT
x-amz-request-id: STXAM5PCP98RAD91
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 9f07f2fa593dfd37f929a685ab685fa3ad2030b2
x-amz-meta-branch: staging/master
content-length: 16924
x-amz-id-2: 7u85Hp3rNHE0KiGjBDNKonhNT48LV+v4UblETrXNVyz0EZ1f1gfX6p9KaUiNHp6qMpmYy3uN37M=
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
x-proxy-revision: 9f07f2f
etag: "72ad36fa262620b9990963b8d2ccbf32"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=579716
accept-ranges: bytes
expires: Mon, 18 Dec 2023 09:59:17 GMT

GET
H2 200 bundle-globalheader.js Show response
cdn.blog.st-hatena.com/js/ Frame 26EB 20 KB
9 KB 3ms
3ms Script
text/javascript 23.39.217.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.blog.st-hatena.com/js/bundle-globalheader.js?version=9f07f2fa593dfd37f929a685ab685f
Requested by: Host: blog.hatena.ne.jp
URL: https://blog.hatena.ne.jp/-/globalheader/ffffff/333333/blogs?device=pc&brand=pro
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.2 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-2.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ab4fc0d036f7d73bd2e465681d76fe63c0945680ef5b9fb627b275c2c700ae71

Request headers

Referer: https://blog.hatena.ne.jp/
Origin: https://blog.hatena.ne.jp
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: rh8xBzMcYUVoH9ucGAIf_4sXoIxfFcpH
content-encoding: gzip
date: Mon, 11 Dec 2023 16:57:21 GMT
x-amz-request-id: STX2MBW4PY9EZCYJ
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 9f07f2fa593dfd37f929a685ab685fa3ad2030b2
x-amz-meta-branch: staging/master
content-length: 8545
x-amz-id-2: PW4J1bS5DuLtcNB60obmncCzjCneMKSIIwTvCbnOjDm1UFgB0pNjrp5O8v4t37GiY6VF7PxLbYA=
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
x-proxy-revision: a1bd249
etag: "c442dcb3f19e46cb60f3807e1c7c8314"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=579766
accept-ranges: bytes
expires: Mon, 18 Dec 2023 10:00:07 GMT

GET
H2 200 profiles Show response
pf-api.hatena.com/profile/ 217 B
322 B 16ms
5ms XHR
application/json 52.69.85.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pf-api.hatena.com/profile/profiles?name=guri2o1667
Requested by: Host: cdn.blog.st-hatena.com
URL: https://cdn.blog.st-hatena.com/js/vendors.js?version=9f07f2fa593dfd37f929a685ab685f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.69.85.8 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-69-85-8.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 57d3da56e16ce2a932574ba8291feb38f8c2faa03cfa95c97701b803e456a8bc

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.guri2o1667.work/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 11 Dec 2023 16:57:21 GMT
content-length: 217
content-type: application/json; charset=utf-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 44ms
1ms Script
text/javascript 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KK8LTRM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 11 Dec 2023 16:42:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 872
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 11 Dec 2023 18:42:49 GMT

GET
H2 200 hotjar-2236646.js Show response
static.hotjar.com/c/ 0
432 B 241ms
223ms Script
application/javascript 13.35.49.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2236646.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KK8LTRM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.49.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-49-63.nrt20.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
date: Mon, 11 Dec 2023 16:57:21 GMT
x-content-type-options: nosniff
via: 1.1 178a96b32b70ebacd2b7ef5ba2a3dfaa.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT20-C1
etag: W/d41d8cd98f00b204e9800998ecf8427e
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
content-length: 0
x-amz-cf-id: C-pHUKaUxouBi_yzwgLdylCzmYHrEH_LB9R5iaMzAvR_UHnmYt6Xyw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
78 KB 46ms
46ms Script
application/javascript 2404:6800:4004:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HLDXGWFW73&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4CXTW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

400bcfa50986cb714c088f52410c1d86f23cf931405f4198096ba618a190f15d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79629
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Dec 2023 16:57:21 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame A818 870 B
659 B 115ms
103ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=db6ab783a333c54dcb1ee337314fb4b7a7db5785

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.979019d93e57e124a0ac3dd81bd32027.html?origin=https%3A%2F%2Fwww.guri2o1667.work

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-response-time: 101
date: Mon, 11 Dec 2023 16:57:20 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Mon, 11 Dec 2023 16:57:21 GMT
server: tsa_m
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 525707ace0b0fd09
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7469935968
x-connection-hash: 1d96d4641571465f6e5a1f8b9ca279313292ced8af1673c78edf9e14d3d50598
content-length: 338

GET
H2 200 cse_element__ja.js Show response
www.google.com/cse/static/element/3bd4ac03c21554b3/ 316 KB
105 KB 95ms
43ms Script
text/javascript 2404:6800:400a:805::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/3bd4ac03c21554b3/cse_element__ja.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=00426b123350705ff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:805::2004 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5628a0ac534fa3721f6a5c73b49aefd07288dba3da94a710d621650f1b3eebba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107563
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 16:53:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 11 Dec 2023 16:57:21 GMT

GET
H2 200 default+ja.css
www.google.com/cse/static/element/3bd4ac03c21554b3/ 41 KB
9 KB 105ms
54ms Stylesheet
text/css 2404:6800:400a:805::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/3bd4ac03c21554b3/default+ja.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=00426b123350705ff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:805::2004 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9068
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 16:53:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 11 Dec 2023 16:57:21 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
2 KB 61ms
10ms Stylesheet
text/css 2404:6800:400a:805::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=00426b123350705ff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:805::2004 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:33:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 11 Dec 2023 17:23:49 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 26EB 300 KB
94 KB 46ms
46ms Script
application/javascript 2404:6800:4004:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P4CXTW

Requested by

Host: blog.hatena.ne.jp
URL: https://blog.hatena.ne.jp/-/globalheader/ffffff/333333/blogs?device=pc&brand=pro

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ccf9d0c20e57aadbc0b92bc70a9e66637f15591574a7ecceffa4597445cd0dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.hatena.ne.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96234
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Dec 2023 16:57:21 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/dee96cfa/www-widgetapi.vflset/ 216 KB
67 KB 2ms
1ms Script
text/javascript 2404:6800:4004:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dee96cfa/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc2f89a221891fdcdf1224b55af497ef691f10afb666751af411e3260a8b7244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 08:33:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 462231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68322
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Dec 2024 08:33:30 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
225 B 39ms
38ms XHR
text/plain 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1881191739&t=pageview&_s=1&dl=https%3A%2F%2Fwww.guri2o1667.work%2F&ul=en-us&de=UTF-8&dt=%E8%87%AA%E7%94%B1%E6%B0%97%E3%81%BE%E3%81%BE%E3%81%AB%E6%9B%B8%E3%81%84%E3%81%A1%E3%82%83%E3%81%8A%E3%81%86&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1629258658&gjid=1309073342&cid=537628235.1702313842&tid=UA-154986851-1&_gid=1311478420.1702313842&_r=1&_slc=1&gtm=45He3bt0n81KK8LTRM&gcd=11l1l1l1l1&dma=0&z=81038469

Requested by

Host: cdn.blog.st-hatena.com
URL: https://cdn.blog.st-hatena.com/js/vendors.js?version=9f07f2fa593dfd37f929a685ab685f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a5cea4cf0051533f9c49c5808cc6f6bca1d223fc9f062b474282455ada2aa9c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guri2o1667.work/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.guri2o1667.work
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5FDC 566 KB
115 KB 752ms
751ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&adk=1812271804&adf=3025194257&lmt=1702313841&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313841408&bpp=6&bdt=291&idt=193&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=593224881156&frm=20&pv=2&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=208

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14d5b1b904f4fad602fc38d1424d0b3b03c8c26f4e36aad589e6cef18a6c0dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guri2o1667.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 117273
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 16:57:22 GMT
expires: Mon, 11 Dec 2023 16:57:22 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 26EB 52 KB
21 KB 2ms
2ms Script
text/javascript 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.blog.st-hatena.com
URL: https://cdn.blog.st-hatena.com/js/commons.js?version=9f07f2fa593dfd37f929a685ab685f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://blog.hatena.ne.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 11 Dec 2023 16:42:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 872
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 11 Dec 2023 18:42:49 GMT

GET
H2 200 init Show response
blog.hatena.ne.jp/api/ Frame 26EB 587 B
942 B 23ms
22ms XHR
application/json 13.115.18.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.hatena.ne.jp/api/init?name=&blog=https%3A%2F%2Fwww.guri2o1667.work%2F

Requested by

Host: cdn.blog.st-hatena.com
URL: https://cdn.blog.st-hatena.com/js/vendors.js?version=9f07f2fa593dfd37f929a685ab685f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.115.18.61 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-115-18-61.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

25e47c12de6501eafc1db63c7a322b88a600e6d6f5572034b206f611ab16d623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://blog.hatena.ne.jp/-/globalheader/ffffff/333333/blogs?device=pc&brand=pro
X-Requested-With: XMLHttpRequest
accept-language: jp-JP,jp;q=0.9
baggage: sentry-environment=production,sentry-release=9f07f2fa593dfd37f929a685ab685f,sentry-public_key=03a33e4781a24cf2885099fed222b56d,sentry-trace_id=270ccfce1ef5475d9e5aa08a6ecb7fe3,sentry-sample_rate=0,sentry-sampled=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
sentry-trace: 270ccfce1ef5475d9e5aa08a6ecb7fe3-ab3a0744a31c2188-0

Response headers

x-runtime: 0.013626
date: Mon, 11 Dec 2023 16:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-proxy-revision: 9f07f2f
vary: Accept-Encoding, Accept-Language,Cookie,Accept-Encoding
content-security-policy-report-only: block-all-mixed-content; report-uri https://blog.hatena.ne.jp/api/csp_report
p3p: CP="OTI CUR OUR BUS STA"
content-type: application/json; charset=utf-8
x-dispatch: Hatena::Epic::Web::Admin::Api#init
cache-control: no-cache
x-frame-options: DENY
x-revision: 9f07f2fa593dfd37f929a685ab685f
x-xss-protection: 1

GET
H2 200 dropdown@2x.png
cdn.blog.st-hatena.com/images/header/ Frame 26EB 1 KB
1 KB 4ms
3ms Image
image/png 23.39.217.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.blog.st-hatena.com/images/header/dropdown@2x.png?version=9f07f2fa593dfd37f929a685ab685f
Requested by: Host: blog.hatena.ne.jp
URL: https://blog.hatena.ne.jp/-/globalheader/ffffff/333333/blogs?device=pc&brand=pro
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.2 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-2.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c32c746e0ac1d6e1b60b677bdf5e4da829f89af92e287d149b29aafee0d63193

Request headers

Referer: https://blog.hatena.ne.jp/
Origin: https://blog.hatena.ne.jp
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: Uem0WwyrBXPKX2m25UjdhjpLXWdmbI2M
content-encoding: gzip
date: Mon, 11 Dec 2023 16:57:21 GMT
x-amz-request-id: 0GM3VA42KXYV7ST4
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 9f07f2fa593dfd37f929a685ab685fa3ad2030b2
x-amz-meta-branch: staging/master
content-length: 764
x-amz-id-2: cIp0SdhUB1A6TM1ti6QXfQx05BWzHq0YVruTmeCNXGaGfajf6yZ9NzHQbX3VODfmtW0dyjI8OfQ=
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
x-proxy-revision: a1bd249
etag: "b7a9dd395d421495e71ace922b4a468a"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=579726
accept-ranges: bytes
expires: Mon, 18 Dec 2023 09:59:27 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6B3E 154 KB
45 KB 536ms
536ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=280&adk=33187953&adf=461504685&pi=t.aa~a.279446055~rp.1&w=1030&fwrn=4&fwrnh=100&lmt=1702313841&rafmt=1&to=qs&pwprc=9467480384&format=1030x280&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313841414&bpp=1&bdt=298&idt=210&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=335&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=212

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0011c8532298b31e1b85c7c7d4f5997cad72566f1247deeff965cee49e8895e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guri2o1667.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46220
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 16:57:22 GMT
expires: Mon, 11 Dec 2023 16:57:22 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
349 B 147ms
35ms XHR
text/plain 2404:6800:4008:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-154986851-1&cid=537628235.1702313842&jid=1629258658&gjid=1309073342&_gid=1311478420.1702313842&_u=YEBAAEAAAAAAACAAI~&z=256276545

Requested by

Host: cdn.blog.st-hatena.com
URL: https://cdn.blog.st-hatena.com/js/vendors.js?version=9f07f2fa593dfd37f929a685ab685f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c03::9a Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.guri2o1667.work/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 11 Dec 2023 16:57:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.guri2o1667.work
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
81 KB 48ms
48ms Script
application/javascript 2404:6800:4004:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZRV7PEJY01&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5622d7c0b6d2265dbca533e16777238c5f6c89d35e596757f00f8d0fdf0ccf66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83020
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Dec 2023 16:57:21 GMT

GET
H2 200 hatena-follow-button.png
cdn.blog.st-hatena.com/images/theme/ 2 KB
2 KB 3ms
3ms Image
image/png 23.39.217.2
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.blog.st-hatena.com/images/theme/hatena-follow-button.png?version=9f07f2fa593dfd37f929a685ab685f
Requested by: Host: cdn.blog.st-hatena.com
URL: https://cdn.blog.st-hatena.com/css/blog.css?version=9f07f2fa593dfd37f929a685ab685f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.217.2 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-217-2.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e6fe6a47906a95d41d4415b72bde1b95a94963230cd5e62ea7d6cdec9bb5c519

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.blog.st-hatena.com/css/blog.css?version=9f07f2fa593dfd37f929a685ab685f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: Q9wMEV.UUvbbCxe5k87RsahFMCtQW144
content-encoding: gzip
date: Mon, 11 Dec 2023 16:57:21 GMT
x-amz-request-id: 0GM6R6M6GGVEP5G0
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 9f07f2fa593dfd37f929a685ab685fa3ad2030b2
x-amz-meta-branch: staging/master
content-length: 1759
x-amz-id-2: HhHq0FQL5zhta2Ns7Q3OeU16+xsbLCoc1G6I/JERrxZaAgcN+19JOXKp7vE9RK3mbR5g45WkT4U=
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
x-proxy-revision: 9f07f2f
etag: "b9e99050194270ba2d94ff058e9bff02"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=579742
accept-ranges: bytes
expires: Mon, 18 Dec 2023 09:59:43 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 36ms
35ms Ping
text/plain 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-HLDXGWFW73&gtm=45je3bt0v877252678z86350810&_p=1702313841165&gcd=11l1l1l1l1&dma=0&cid=537628235.1702313842&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702313841&sct=1&seg=0&dl=https%3A%2F%2Fwww.guri2o1667.work%2F&dt=%E8%87%AA%E7%94%B1%E6%B0%97%E3%81%BE%E3%81%BE%E3%81%AB%E6%9B%B8%E3%81%84%E3%81%A1%E3%82%83%E3%81%8A%E3%81%86&en=page_view&_fv=1&_ss=1&ep.page_id=index&ep.is_pro=pro&ep.brand=pro&ep.enabled_ads=false&ep.blog_is_public=true&ep.post_date=false&ep.is_japanese=true&ep.enabled_responsive=true&ep.blog_is_sleeping=false&ep.router_type=blogs&ep.blog_id=blog_26006613473222614&ep.entry_id=entry_false&ep.keyword_campaign=&ep.blogmura=&tfd=727
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HLDXGWFW73&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.guri2o1667.work
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 async-ads.js Show response
cse.google.com/adsense/search/ 143 KB
52 KB 63ms
62ms Script
text/javascript 2404:6800:4004:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/3bd4ac03c21554b3/cse_element__ja.js?usqp=CAI%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81d::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9211b98042b17907d74bb76aa84613fe8d9dec0208003af8082899a662a00c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "12933309866110392501"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
expires: Mon, 11 Dec 2023 16:57:21 GMT

GET
H2 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 11ms
10ms Image
image/png 2404:6800:400a:805::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/3bd4ac03c21554b3/default+ja.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:805::2004 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/cse/static/element/3bd4ac03c21554b3/default+ja.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 06:48:23 GMT
x-content-type-options: nosniff
age: 382138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 06 Dec 2024 06:48:23 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/ja/ 1 KB
1 KB 9ms
9ms Image
image/png 2404:6800:400a:805::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/ja/branding.png

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:805::2004 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6546570d77534cf5fdf2b983c4b5c4b82aee432543271aeb64be42b9eb928180

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 06:17:51 GMT
x-content-type-options: nosniff
age: 383970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1283
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 17:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 06 Dec 2024 06:17:51 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
117 B 44ms
1ms Image
text/plain 2404:6800:4004:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:828::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 39ms
38ms Ping
text/plain 2404:6800:4004:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-ZRV7PEJY01&gtm=45je3bt0v9126511052&_p=1702313841165&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=537628235.1702313842&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.guri2o1667.work%2F&dt=%E8%87%AA%E7%94%B1%E6%B0%97%E3%81%BE%E3%81%BE%E3%81%AB%E6%9B%B8%E3%81%84%E3%81%A1%E3%82%83%E3%81%8A%E3%81%86&sid=1702313841&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=776
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZRV7PEJY01&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:820::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.guri2o1667.work
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6B3E 510 B
691 B 80ms
39ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%BCu%E3%83%AB%EF%BC%8509em%E5%A4%A7%EF%BC%8D%E3%83%95%E3%82%BBT%E3%82%AA%E6%9C%80

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=280&adk=33187953&adf=461504685&pi=t.aa~a.279446055~rp.1&w=1030&fwrn=4&fwrnh=100&lmt=1702313841&rafmt=1&to=qs&pwprc=9467480384&format=1030x280&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313841414&bpp=1&bdt=298&idt=210&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=335&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eff8e6a844522897b74ff661425c391c856245255ee4e41508ed8c066a722261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 16:57:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 16:57:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 16:57:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6B3E 15 KB
1 KB 82ms
42ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2060d29f49d996a26f3888bf75735db9e023f651d382164d295337be9dc99620

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 16:57:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 16:20:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 16:57:22 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 6B3E 2 KB
902 B 48ms
3ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 15:50:04 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 6B3E 24 KB
9 KB 44ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:47:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 15:47:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 6B3E 3 KB
1 KB 45ms
3ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 03:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 03:41:17 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 6B3E 20 KB
9 KB 42ms
1ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 03:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 03:41:17 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B3E 202 KB
64 KB 140ms
93ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Dec 2023 16:57:22 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 6B3E 37 KB
16 KB 42ms
2ms Script
text/javascript 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 333404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 04:10:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 06 Mar 2024 20:20:38 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 6B3E 16 KB
16 KB 45ms
3ms Image
image/jpeg 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRQy0uU8eZyLqpDF4OXdnG5tElTf7zBdXFRGUhHVIfAlENEnKWRjJY4_FYgkqQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

200c0ccda50b8a1a4ebeab7883e7a0c4d13da28d390f7528c96aa429014c44f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:56:36 GMT
x-content-type-options: nosniff
age: 349246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16750
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 07:49:50 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 06 Dec 2024 15:56:36 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 6B3E 24 KB
24 KB 49ms
3ms Image
image/jpeg 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTaa25o1BQlqOoo5_z3UBSNWNiiWJZeSbIaf73yyW6ygDrwJEwDYRTzQPPT4g&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

770158d16cb2ccb530d70933b5bd84f4569dab6fe2f56f915efb4408bb7fdaf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:04:51 GMT
x-content-type-options: nosniff
age: 247951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24073
x-xss-protection: 0
last-modified: Sun, 04 Feb 2024 03:57:58 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 07 Dec 2024 20:04:51 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 6B3E 33 KB
34 KB 44ms
2ms Image
image/jpeg 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcS13ZDNYcOkXdLu4Rz7j_2Ts0LFmYL5NsrJiBuLhDS_LfJAFJ5W3VHs0vaVYYE&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14f386f7c5c13cd3869ac5018708bbe38719848f6511636bd7cb3b8c51586cfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:38:42 GMT
x-content-type-options: nosniff
age: 62320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34092
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 09:44:54 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 09 Dec 2024 23:38:42 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 6B3E 20 KB
20 KB 48ms
2ms Image
image/jpeg 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTES85BiA9SoynsYmgA5BrDh8UNMWtd3uX2SFWLbElsLEhyzNlFSPgscns5iQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46bcaed5815c3721590c83b6c5844f189ce2c38982a680443e38c4b2c5f967c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:38:42 GMT
x-content-type-options: nosniff
age: 62320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20278
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 07:09:55 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 09 Dec 2024 23:38:42 GMT

GET
H2

200

12589505205993449889
tpc.googlesyndication.com/simgad/ Frame 6B3E
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCW46TzmgEQsAkYsAkyCCtyDyDi_3UE
https://tpc.googlesyndication.com/simgad/12589505205993449889

77 KB
78 KB

3ms
2ms

Image
image/png

2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12589505205993449889

Requested by

Protocol

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 11:59:21 GMT
x-content-type-options: nosniff
age: 363481
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79088
x-xss-protection: 0
last-modified: Mon, 17 Jul 2023 03:43:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 06 Dec 2024 11:59:21 GMT

Redirect headers

date: Mon, 11 Dec 2023 11:57:12 GMT
x-content-type-options: nosniff
server: cafe
age: 18010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/12589505205993449889
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 10 Jan 2024 11:57:12 GMT

GET
DATA 200
OK truncated
/ Frame 6B3E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d7b82b7dde8ab62e859f7a0de706c7f81c3d4d22b4094a4fbbb476dcf060e6f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 6B3E 33 KB
34 KB 41ms
2ms Font
font/woff2 2404:6800:4004:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:24 GMT
x-content-type-options: nosniff
age: 159298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 20:42:24 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame 6B3E 6 KB
6 KB 42ms
4ms Font
text/html 2404:6800:4004:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxor4m4x4odg91vKLBlJNTeqW0M8gj3aoAPqxsCQs9DLEset&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%BCu%E3%83%AB%EF%BC%8509em%E5%A4%A7%EF%BC%8D%E3%83%95%E3%82%BBT%E3%82%AA%E6%9C%80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5fb62e9c3200fa29039822e9f1a07a051d3fa8e6ca02591b1dc5f8cd3afec282

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:38:48 GMT
x-content-type-options: nosniff
age: 40714
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6120
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Mon, 11 Dec 2023 05:38:48 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 6B3E 20 KB
20 KB 40ms
3ms Font
font/woff2 2404:6800:4004:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:07:19 GMT
x-content-type-options: nosniff
age: 337803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 19:07:19 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 160 KB
55 KB 53ms
52ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

003cb71e350744d959dbb2d5a943e976c6cc9a614ab295e28df9f583945425bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56002
x-xss-protection: 0
server: cafe
etag: 9789095391268395838
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 16:57:22 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CBAE 129 KB
44 KB 453ms
452ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=200&adk=2151073771&adf=1205157737&pi=t.aa~a.2625880853~rp.4&w=640&fwrn=1&fwrnh=100&lmt=1702313842&rafmt=1&to=qs&pwprc=9467480384&format=640x200&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313842513&bpp=1&bdt=1396&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da4f88c66c297ed60%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw&gpic=UID%3D00000ca9b39c6e30%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA&prev_fmts=0x0%2C1030x280&nras=3&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&psts=AOrYGskDCb6QV10UpK7VheKlsKR4ro2PLlOuO2UzYxS3QwyInpbBnALg_MxPK0Z_Kv9uZYYQohn7Ww5JzNr_JkyXKuXGJoxy&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dc7ea17f4fe20c5733dc6cf274c87a4316a9d96c3652e20a75f8a93b71f3dd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guri2o1667.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45454
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 16:57:22 GMT
expires: Mon, 11 Dec 2023 16:57:22 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9AF1 124 KB
43 KB 515ms
515ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=200&adk=2151073771&adf=611815269&pi=t.aa~a.2625894220~rp.4&w=640&fwrn=1&fwrnh=100&lmt=1702313842&rafmt=1&to=qs&pwprc=9467480384&format=640x200&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313842513&bpp=1&bdt=1397&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da4f88c66c297ed60%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw&gpic=UID%3D00000ca9b39c6e30%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA&prev_fmts=0x0%2C1030x280%2C640x200&nras=4&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&psts=AOrYGskDCb6QV10UpK7VheKlsKR4ro2PLlOuO2UzYxS3QwyInpbBnALg_MxPK0Z_Kv9uZYYQohn7Ww5JzNr_JkyXKuXGJoxy&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf755e051257e1d0e3f82b2bcbd76cfa012d1e690788545bcaec1cb2dcd4a1d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guri2o1667.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43743
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 16:57:23 GMT
expires: Mon, 11 Dec 2023 16:57:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 55AA 169 KB
54 KB 373ms
373ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=600&adk=2226316099&adf=3536934912&pi=t.aa~a.1678542404~rp.4&w=290&fwrn=4&fwrnh=100&lmt=1702313842&rafmt=1&to=qs&pwprc=9467480384&format=290x600&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313842513&bpp=1&bdt=1396&idt=0&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da4f88c66c297ed60%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw&gpic=UID%3D00000ca9b39c6e30%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA&prev_fmts=0x0%2C1030x280%2C640x200%2C640x200&nras=5&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=4023&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&psts=AOrYGskDCb6QV10UpK7VheKlsKR4ro2PLlOuO2UzYxS3QwyInpbBnALg_MxPK0Z_Kv9uZYYQohn7Ww5JzNr_JkyXKuXGJoxy&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

adcf4994650ee7b152ddbf049a827d18ab6ec4a84b403e1b68dbaa21236d520f

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/gpa_generic_image/arcadian_imgfit_stars_300x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/gpa_generic_image/arcadian_imgfit_stars_300x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNvFiZ_th4MDFZgCewcdnt4OsQ&gqi=cj93Zc_XI_yypt8Pjbi6yAs&layout=/pagead/gadgets/gpa_generic_image/arcadian_imgfit_stars_300x600.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guri2o1667.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 54762
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/gpa_generic_image/arcadian_imgfit_stars_300x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/gpa_generic_image/arcadian_imgfit_stars_300x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNvFiZ_th4MDFZgCewcdnt4OsQ&gqi=cj93Zc_XI_yypt8Pjbi6yAs&layout=/pagead/gadgets/gpa_generic_image/arcadian_imgfit_stars_300x600.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 16:57:22 GMT
expires: Mon, 11 Dec 2023 16:57:22 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 37ms
37ms Image
image/gif 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&hl=ja&pvc=3498489636656697

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 36ms
35ms Image
image/gif 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_prose&sts=ok&evt=place&vh=1200&eid=44787782&pos=UNKNOWN_POSITION&vpt=DESKTOP&pvc=3498489636656697

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6B3E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cxu6WcT93ZfaPKIqogAP876vYCvCIieB0rfHo04ISlKrt2-IQEAEgncWse2CJ88WE9BOgAaHAmPEoyAEJqQIEwq9ztrOCPqgDAcgDywSqBO8BT9A1o6gJWcSsUwb85xMWQKrI_57DY6Eh-aI...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x60318b3dacccaf010000000000000000%22,%222%22:%220xc5d199ba04bd29290000000000000000%22,%223%22:%220x50de2f...

0
0

79ms
40ms

Fetch
text/css

142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x60318b3dacccaf010000000000000000%22,%222%22:%220xc5d199ba04bd29290000000000000000%22,%223%22:%220x50de2f23d3b6dfbb0000000000000000%22,%224%22:%220x2840d8b7eea33ccd0000000000000000%22,%225%22:%220x66c888128e9f4f840000000000000000%22},%22debug_key%22:%225967360984396132983%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2212-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213822468331042200193%22}&andc=true

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:22 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x60318b3dacccaf010000000000000000","2":"0xc5d199ba04bd29290000000000000000","3":"0x50de2f23d3b6dfbb0000000000000000","4":"0x2840d8b7eea33ccd0000000000000000","5":"0x66c888128e9f4f840000000000000000"},"debug_key":"5967360984396132983","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["12-11"],"6":["true"]},"priority":"500","source_event_id":"13822468331042200193"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 11 Dec 2023 16:57:22 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 11 Dec 2023 16:57:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x60318b3dacccaf010000000000000000","2":"0xc5d199ba04bd29290000000000000000","3":"0x50de2f23d3b6dfbb0000000000000000","4":"0x2840d8b7eea33ccd0000000000000000","5":"0x66c888128e9f4f840000000000000000"},"debug_key":"5967360984396132983","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["12-11"],"6":["true"]},"priority":"500","source_event_id":"13822468331042200193"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame 3BFB 51 KB
19 KB 2ms
2ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 16:12:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 348313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 16:12:09 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 77ms
40ms Fetch
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: cdn.blog.st-hatena.com
URL: https://cdn.blog.st-hatena.com/js/vendors.js?version=9f07f2fa593dfd37f929a685ab685f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.guri2o1667.work/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame 4A17 9 KB
4 KB 2ms
1ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guri2o1667.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 33523
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 07:38:39 GMT
etag: 5585625838579639069
expires: Mon, 25 Dec 2023 07:38:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame 765C 9 KB
4 KB 2ms
1ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guri2o1667.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 33523
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 07:38:39 GMT
etag: 5585625838579639069
expires: Mon, 25 Dec 2023 07:38:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame F1B3 9 KB
4 KB 2ms
1ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guri2o1667.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 33523
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 07:38:39 GMT
etag: 5585625838579639069
expires: Mon, 25 Dec 2023 07:38:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame AC10 9 KB
4 KB 2ms
2ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guri2o1667.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 33523
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 07:38:39 GMT
etag: 5585625838579639069
expires: Mon, 25 Dec 2023 07:38:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 149ms
41ms Preflight
text/html 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 11 Dec 2023 16:57:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 4A17 4 KB
744 B 36ms
36ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 16:57:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 16:39:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 16:57:22 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4A17 205 B
519 B 3ms
2ms Image
image/png 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:38:42 GMT
x-content-type-options: nosniff
age: 62320
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 09 Dec 2024 23:38:42 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4A17 604 B
696 B 3ms
3ms Image
image/png 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:55:15 GMT
x-content-type-options: nosniff
age: 349327
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 06 Dec 2024 15:55:15 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 4A17 16 KB
7 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8d99191997f9c3e6794142cba8b2959a673c7cd044871697b0e969620a584ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 03:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6784
x-xss-protection: 0
server: cafe
etag: 2582286893585073394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 03:41:17 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 4A17 22 KB
9 KB 3ms
3ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9231
x-xss-protection: 0
server: cafe
etag: 9385233705467680479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 21:55:42 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 765C 24 KB
9 KB 1ms
1ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:47:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 15:47:50 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DBB8 143 B
166 B 4ms
3ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 1470
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 16:32:52 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 765C 3 KB
1 KB 2ms
1ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 03:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 03:41:17 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 765C 20 KB
8 KB 3ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 03:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 03:41:17 GMT

GET
H3 200 17600292247918370964
tpc.googlesyndication.com/simgad/ Frame 765C 53 KB
53 KB 5ms
4ms Image
image/png 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17600292247918370964?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qleoJ5STvrMYDdEOrFAjSv2Q9h9Pw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2342f3e288ee4fc441e985534ea9df09298b9b98daef0d462c3fb59cf17ddac8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 17:18:16 GMT
x-content-type-options: nosniff
age: 344346
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54343
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 08:52:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 06 Dec 2024 17:18:16 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 765C 202 KB
61 KB 3ms
2ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:53:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62114
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=Shift_JIS
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 17:53:41 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 765C 36 KB
14 KB 4ms
3ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9b54eb46a8dd9a7eeeff163e368f71c3dfe239aca607f073d1340027677fc16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:52:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72275
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14788
x-xss-protection: 0
server: cafe
etag: 1899721059218863233
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 20:52:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F1B3 956 B
513 B 43ms
42ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%AA%E3%83%BC%E3%81%8C%E3%82%82%E3%82%89%E4%BB%8A%E3%82%BB%E3%81%88n%E3%81%BE%E5%B9%B4o%E3%81%A8%E6%8F%83%20%E5%BE%97%E3%81%8Bz%E3%81%8F%E3%82%B7a%E3%83%97%E3%81%84%E3%83%9B%E3%82%93%E3%82%88%E3%82%81%E3%81%99%E3%82%A1%E3%81%A0%E6%9C%AB%E7%9B%9B%E3%83%B3%E3%83%88%E3%81%A7%E3%81%95%E3%82%8B%E3%80%82%E3%83%AC%E3%81%8A%E3%81%AEA%E3%81%A3%E3%83%A7%E3%81%86%E3%83%95%E3%81%A6%E3%82%8A%E8%A6%8B%E3%83%AB%E3%83%87%E5%93%81m%E3%83%83%E3%81%90%E8%B2%B7%E3%80%81%E3%82%BC

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bfd9935d4be8713c865e1cafe71638702f9d6f16c43c5bbe4bb5356725d2ceca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 16:57:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 16:57:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 16:57:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F1B3 7 KB
1 KB 55ms
54ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 16:57:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 15:17:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 16:57:22 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame F1B3 2 KB
822 B 1ms
1ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 15:50:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame F1B3 24 KB
9 KB 2ms
1ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:47:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 15:47:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame F1B3 3 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 03:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 03:41:17 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame F1B3 20 KB
8 KB 3ms
3ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 03:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 03:41:17 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F1B3 202 KB
61 KB 3ms
3ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:53:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62114
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=Shift_JIS
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 17:53:41 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame F1B3 37 KB
15 KB 2ms
1ms Script
text/javascript 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 333404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 04:10:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 06 Mar 2024 20:20:38 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F437 217 B
132 B 47ms
45ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEYkYCr7gEwAQ&v=APEucNWOmQWE90rbba5fxSEpd9raywyE03JDneI8XzQfGjuMGFvmsL6EgKYfMWt9Tv5PGs-Jy0a6WIX8dZrIfA798Poo_YOC1A

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b1661ffb71705ae01b3b0cea6c065ae93d49d6b547bfeeec0260fa92bf2793

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 112
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 16:57:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A809 89 KB
31 KB 74ms
74ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 16:57:22 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1525516/72173817/xbbe/creative/ Frame A809 263 KB
80 KB 327ms
5ms Script
application/javascript 54.238.129.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1525516/72173817/xbbe/creative/adj?p=APEucNWccohOKjOnEzYz-D57YpQ--Wvq81XkvBlV6GAKit_bMbFYiE0&d=CokBAKAmf-BUBL2Ur7vBucBKR7YjZHQF6sPmI8D1wQbULOWNSpktvG1P4i6WB0-6uVx1d_MQo7aFs2ZCFKXvBrARL7sIcVfsJKqxm5iV0coiVJJOIykfHhzgLdVdVF9LXDF0ZOBV8sFUj_CfzN2AxRbhzF7ECd_Q8UR_jTo5G_aZgXg9iYEbHbTn3EISiRUAoCZ_4OFeIVgyA2HZlMybtIX8mrSLlq4fdq-I0nTB-uShGhwCU6qWovruQFy4HbCVvwFcTTR0cYB7ltqMqo8LaVjWEhw_UZmMC8g18c0Vgp3o1jvHEo2H5YtBs4XFGJW1m0yyxAiwi3xwV9MoKvN9A-RpXWfAEEoTBN-eM_6t-CY4z1QKT2UcyHYk178Y9iyNepHwvVPGKDG4pCzehKdC0pkE0NF89A9Qcf2-xoUSG87HSZKhoFAO4csUjFVv6XogOGXJKV7J9U9_KlecRrGGdnxpbI_rlxgQm80j3RkJ0LkbpRXW8nzI8V94hFuPrRt6eDIGQnldlFZDk2dPYUO8aTFYesAjRH4ciybVdZyUsKUn366UQlFC-N4_R_DtlN-0th6VStCwW5Bf_hNkecOdSG5jm5fHTnyXNAhTyBPJhijPfIE8h_C-_la6glif3yB70BroZXuPMuxELCfHn6a_gkovc29Q4pAOM0aSSqKenNdOh5sBFVzA_IbeEXKyQ2qZIy9k0SkGwlQBP9XZaepk-Ci7y136Va_BTh3aXWXuYQWswn_vfW-UYFALR_gqg9OeCxh65VQNvMEbhC9cz4M0cisxHEN-UDeQ7n5FE8SUt-DQRmvIMdFGCAH0rkWdYDEAMV625MpU12XR8q1zPxv3mdp-yhrIWmGXe07Je4mIlXfp3Odn7MPFnOLwW-o_BTiPoYgRo8pd85eIp4B1D8asgLGf_x6Iy4rkhY76rWU6gWy4XwV5SXJwU_kHBUsdUqttRe33vP-girvO7ZpQH0y2zriMhS42Jf_BgqzLWVeuvuSI-kp7sQpfQG6ACuFN-Qr1nxVXl1gqzn5tBODykUvUo04P5R0GtGd4ttUx33k-4wxG-eoq1PVMFBTf7qRirZlhOoIgFlw7TUe0w_PNZwg6xWQRwQkPsugM20z3AM7pfOjfoXeWFB6uaP7bCX8xySg-_vgcgqlTzccRlWHEnZ35S2FVrcoww09E2OAH_k_fDRpRCrxDfy0nHf332O_6rexumy9WWf5rrw9l8IuGaag6qCeaupJhPZYPGm2H-FtkyEhuGTNOs03W2Nc0VKkJawXwONe1P7YZb-6gmc6XcmDHsgywGVXIrRg7SYLFk4xHCQBw32A8UxWUSODKC0IQ6vzgmjq1zxcSAY7RYvm2CLUPRsmBG7O4J8sBh2WGwExLfdPEvNI9p13QWMFvUlJKHGt7i_PdqJ8hlCMq91kGqfSkC2pYPx58b2-ZlwNnGDhs8DDZqvpOAGjI-JsQs8tNx895FyXlbgmr9XYjcIZJmCBIe6Rx_mPylxGIpSGr8pvapI7yW9aCdNxKTLBqK2OGMg1iEFCTxFiIHfHHiH2ytVHsiJOtVGP61--xo53evxY-6_JJFSET4356ONvtVPDRA5jxu0kNZYatZQSIufXGzKAXr5umZxofSPmgLZb92NNSgMUnvYkDslVAbrTfIJG-suSqVvkN-mGMrBHTcg1ZC4rhELCyPC9yRMIlbgkv5T-ud1DAf5QAQ3UddG-hefnRMwaVehwtGXRHdTrKIVbpgLqsMJOMpRFq6LImhYOXqAC8deXmmJUzSoJa2xtvYXcpPprzxM07Hrzd2tU0YhrmINno_WT154WpBKxW8hlNnX3xaQqJDh2QXObAfU4TaqovbaFGIyAgun7wjm7TsQG6IvsiwqwkRKr690idv9cwjVDM6koqMG23T6aYydUGto1l1SjRTxOPaqbvHvnyxOeVhNs2QR2uw1CaTLctQV79gM4EcUs1vHeHJwFJDWk5LHFYJiPfwPXSKt2-roGB8fiQW3qUFSDuv4I8VvAXB9lPy-Km6-aEIG0FUfKPMwAycghlGsDEkbpUfYWaDMRHiY6-p96bsyke0wekXtPGPZ7AgyFJG4MZ2PYjgyiIrgM6LzEMaMz2HNcgabOvHBZrbk8v-Hv_nOfkY3iie7xvW-1AjYQUVb12yoFESGp2ZOGUyftiIpqC1bu3UrRZA4jiF-3kZ64uiy7nW_xot6pZ9ZpHF56OPJRk7FKraXzRg6J5uAgFCWWL0Q2Cdtor3sB2Vcmw3SGkcMxnCbPeso3udgAbdot25TgYhTn1QyxtOrhDG_anoeEHAc6HtepRewLtMBzWVM8FG0lH8STkq25kVnZ1nzT1qXR0VRNCkqbdmO-vSj36B-c9gKdby42IjtC7VbGkMzMt1aExIGDjc8DZXqx5FWVPj_0VOj4zZeWK2AchM8LxpI_es627ArnKhPm6c4Lh90-FjXV8jwzrJfdfM42FGu7AP_5fQEdqnVSpXPBRlDZAju9uGnAocdrCHa3vJWrbNj1RD5dFHxXLGll4S6_j-2cnt8iQaCSnfiYpE4gnPyJX6kb0A7Cp0lHCAIGLR6h6LHLaedgcCTN3wacC0pWy-KTM5loFuhvc6eFWDUKgxrNNMPYIrlw4ji-nZrouCGKBUgeJO_R_NzbRQEp9cuSmxX1mnCegxLNcFRFTszGl7sg20MogSDwSkmHcc1Ru0Rcdr-jfBQZfZ4MaFoPSoMAssXKGO-P6edZye19P-RR4XGORCRNXc18zlvg6nWpfDFwZ5R4aGBCp5Z_urMLB6RzbEJ1vAAo7sq3DP6K827Mn3le3A_n7tgDkJ87t3iMK6iXDA4092t6B2GWPRXAgYUm-saO6m96ezmVws8lx5HfBOtl9eXWTXcTaAovOwNwmr13IAlNacB1gsZ5Jdo_unPeLytICH9vrFTrAbjIxG481OovZF2VW4Qqz8n4lssdf_B_plSZ0jqx8_pxiDOmMwkjM7plcajb2MFJogDwome0JR2eZNDwjWbFnEMkMyKBLLYEYLfX1Lfe8hv0WNEf_oe_3dFH8bLBKE9x2LVQfbPnkZs6N6ug9I2aqysVaOkRrurrTtGTjUPOrAmHwcgTXOnfWF-tXXSBvifc55re4TKbZRRRlKKxQBzSgPshrYijBdK2ND8zcKeCizktdfQSo7N4nzfaUbzmTfaKqsLf8ahDFE_jO_GyYjot7h0AH7TclQH5JIlCcZcEzex-ElQbtpr4N8o-ZUH_zX-R63DT11mHcpLLlUoMu6ewTT81Z5FZWUAaf5VdkMKUPrq9SSAbKpj46hfEJLOvv10wSQypPHLh5B8mfauXTI-cwhk9c_Dr6Tn5u4gBCWpfhjgfj-OI3C9-u2qYy408-lMZMAoCZnq3n2WLu91D_NuBj0d48LvP2g9LbS4l-KhDy7dsnT2on_wE_K-sYZ_scH8Fv3ZkR4XtnQVZcyNIjkJIzcRda-4Na5C8IyX8MRSqD6XPinOi5Sdb6kNoRd6pDc_oLRQkK7bL_lj2Zw8Wg-zfQn-AhQ3o1Ssg8sMkzZ2Hz64HnKkeIF1-l3f4tUx4aIuZ4iGs-JjrZ6zR66rlnpj6CrasvEvA48HaqqCLo6g-QArBlhL-MdqoWsOFPaCBgvOsmRO4hIReY1AYU8Kah4mPuVPTLuSkNxAQmv73EdXhfSKGTqmOZTgNo6m65GughbZ6n8wOX1lAo-fKwZzBvPEDmAGvJ92izgboFO2R33waf2__ayDlrqKkm0iZQi6omKhHZH5wyb-_CLsGlhjYRoCJ8pJOseu0aVQgEEk8AyAmmjTNpDnqNN2qRpPtaxg0sOfdQwi1JiY-U5jAM8XwpuuyChXYCRW6bz4y6Njel94kXQcfS0cKtIGGT8N9A20xSbd2S0o7gHao_pJ-8GAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013075760&ias_pubId=&ias_chanId=1&ias_placementId=20268485269&bidurl=https://www.guri2o1667.work/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h5dWBlnwT12IB7WKjA8xbU
Requested by: Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.238.129.226 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-129-226.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 8691cd8933010d5a44d0f00f8ddcd1e7f068b590267494e90da73b6314b8ea70

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:23 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame A809 3 KB
1 KB 3ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 03:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 03:41:17 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame A809 20 KB
8 KB 5ms
4ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 03:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 03:41:17 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame A809 202 KB
61 KB 4ms
3ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:53:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62114
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=Shift_JIS
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 17:53:41 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A809 42 B
63 B 45ms
44ms Image
image/gif 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CBFvTkO2zl8jkPugOGy-fuVbvhk-r5EoFyrrav4sGvd65ixN9B_PynmNC1FjK__Uve2Jp528tu4xebTOWUc506w9d1t4okpYe907f9WVkUYhMbpB4

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A868 930 B
455 B 46ms
46ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%93%E3%82%AFG%E7%9F%A5%E3%83%88%E3%82%8B%E3%80%82%20%E8%A7%A3%E3%82%92%E3%81%AEa%E9%96%8B%E5%BC%B7%E5%8C%96c%E3%82%B9%E8%A6%96%E3%83%AF%E3%81%AA%E3%81%98n%E3%82%8A%E8%A6%8By%E8%A6%81%E6%8F%90%E3%82%A3%E6%9E%90%E3%83%87%E3%83%95%E3%83%83%E5%8A%9B%E3%80%81%E8%83%BD%E3%82%B8%E3%81%97t%E3%82%BF%E4%BE%9B%E9%96%89%E3%83%BC%E3%83%8D%E6%B7%B1%E5%BF%85%E3%81%BE%E3%82%B0ls%E3%81%8F%E3%81%AFeA%E3%83%A9%E3%82%88%E5%8F%AFi%E3%81%AB%E3%81%99

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

256cd8902b938ff1464c713becb1e852c097eb94a6c9f1396364ca998633e90c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 16:57:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 16:57:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 16:57:22 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A868 7 KB
1 KB 39ms
39ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 16:57:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 16:02:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 16:57:22 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame A868 2 KB
822 B 1ms
1ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 15:50:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame A868 24 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:47:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 15:47:50 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B694 143 B
166 B 4ms
3ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 1470
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 16:32:52 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame A868 3 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 03:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 03:41:17 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame A868 20 KB
8 KB 3ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 03:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 03:41:17 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame A868 202 KB
61 KB 3ms
2ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:53:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62114
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=Shift_JIS
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 17:53:41 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame A868 37 KB
15 KB 4ms
3ms Script
text/javascript 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 333404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 04:10:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 06 Mar 2024 20:20:38 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DBB8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

45ms
45ms

Document
text/html

2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 16:57:22 GMT
expires: Mon, 11 Dec 2023 16:57:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 16:57:22 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F437
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

170 B
243 B

42ms
42ms

Image
image/png

142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEYkYCr7gEwAQ&v=APEucNWOmQWE90rbba5fxSEpd9raywyE03JDneI8XzQfGjuMGFvmsL6EgKYfMWt9Tv5PGs-Jy0a6WIX8dZrIfA798Poo_YOC1A

Protocol

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 11 Dec 2023 16:57:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

200

/
d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/ Frame F437
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEMhXCrjnQ7fM38RN_3JoXbk&google_cver=1

43 B
398 B

520ms
58ms

Image
image/gif

2001:df2:a300:bbbb::136
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEMhXCrjnQ7fM38RN_3JoXbk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEYkYCr7gEwAQ&v=APEucNWOmQWE90rbba5fxSEpd9raywyE03JDneI8XzQfGjuMGFvmsL6EgKYfMWt9Tv5PGs-Jy0a6WIX8dZrIfA798Poo_YOC1A
Protocol: H2
Server: 2001:df2:a300:bbbb::136 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 11 Dec 2023 16:57:22 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEMhXCrjnQ7fM38RN_3JoXbk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 309
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A809 0
20 B 37ms
37ms Ping
image/gif 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4891035042035&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A809 0
20 B 40ms
40ms Ping
image/gif 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4891035042035&version=m202309260101&ct=76&x=1&cor=16195564230596819000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A809 16 KB
12 KB 238ms
238ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AzJEKBNlVK5ZTfifhp_FLrJplq-uwfqCaaBjvC_p-WECRaYXJMcGGk5tGMI3tk95UB5XUfbQdoA2gDw1ibBfi2ycuUC4nYLhWoeG2s0BePkAioCgQG_AAjhF1sbWLh6UMS6HYpcjyiAM4xW4XZKnf2sd4Kr6JCP0hjaPbloLR6OvZc7Z0&cry=1&dbm_d=AKAmf-C6fpOS-tB5PQGASCjxZQdbNdCmWvBVYHpl4xj3y0ITH2VjWs2gAfFNltiplygrM7HTXY6tKPtZxDjnq_uA7nrYRSaTUCWgGdjr3zEZYtvRS-xIuRe3YnfZgI-X9EqvL23j6ni5jmlG6A7tutVQKUkKCXzhoMc4rv5M2ERgMC9SIFbXjWkK7KgkmtSmYTh43elqfr68n7M2TxdEFFTZjtDWE94UCJvX5qkSUcDoqeFGznFI3OCBysh1wC0jvIIGqJvE8jiLj-Bsk3RjClRB7-4WkY9C7wSpjSd8DMXHuZmUjxCEB6XK5U8CEVRQ3PXBFgXm5aYFKXcZ7cuDcT3QGmfZfE4uhcteJ-cfVoidPGzpPRL95SYqhN8zYL4aZiwCq6IJZaH3GNXhbwq3LnEdxvt0t4wexR1bU-KATmfQ9z-5L-obwUl4ccZgxVuybnupVDDOeidZP8d3MTe8GKoLfgmH7Y721tlFHsYYBP7zI25TFc3JMWwJ9uBQQ8ct3vrY4NeWit08Fi1OXaBs5NFJSU-bsavjzonEvF00ORc1eX2HgQjnTYO3HKNUz85qTRS1mloNyC6com0Nr_By27W8N8GF7brTHT71uo8pzzrV29cdnxwqQ_R7njAQkfDsdiSlyMIFITu1Dchu3CBANdDWD5Vh7P5YzEMPZyjBn07wfqxYSA6P2mUz84U-uX9UB6Tk6Xiqwh4nB2s8OyrjImElaY3JBvjSM4Vn6rRmjGfh6Mb3lCj7PnKI8FQVB1t_bfP70TUstRHzLfnozePsc9Ahj8GnZEcYomnM_RhZ6cxdVC_dGRQjY8dFRxyjuoEHXl60jpwlDx0m0j42btJWE3QOLciPlEYPdvG1XRTYEBI1yRMBEMt0DVvgGsycNWvgGae2Z-DrDm0cXgU5v7KdTM9YoJu4HpSAFsHjTS_pOdsdbg8RmZ9p6QfuC4x6mLWW45jpknXPBzS6sWGvj9BYJXGCAmGrXNo4Jg_48WN81hgevTA9tZn4zgHrHyYSMNy2V_5D-GCWcQX9LKpx0Xr9zyj5hGGNzHg8NS5kw7QmlPj4Qly182fnNHtEWV1jdas2sWOD3CCGuvsM0oDQ2GXwGvzt4Uh0gaPRV1ald92v0SWIu_Ey8Fn9awnBSl3NWwLZVqKqHcxPJCvcu1xbPvobZC-YheVyJD0BJoSTA_dpeNHXJOkJPzwnUZ9WceH0Rr0UYUHpQuAvG3z8JmxtmPw52kyEje3mVbqh5Ekf7ocsnl0OdHyOI7IPzEG52ys0ZH8thcE0I5osRHIrnUx8XisGP6keXkYEQkAeIe1SiiCxzcQ-6iy6eaMzUiMq3FcMVlbkYLabqW0b3OGBKLZrFXRcEsIb5ZCMzvsBgWF7KbYfhQjzE7teaMALCUBAIWChwOMo-_Qr0sv-8Rh2V_mr-DBq1ArT-x9Nd5ewGq9R_0fsLeNIJldfirveaunXJn8N3djIr_draf4ICjk-TM-v5hH3DCN1GreKjmQgz6QxBkmdPPcYDqPQ2Fk0jCYvvLFDpteNuNdu7ge7Q1iJpUpAZgzv_xtUhi-FhdNYMpvsBgIwzTqhAA-Kx8a-EJqmyjNnDXgCP8VNZU-CuKC4CBc7zgIVG-mRE4Z9Ke2Kdl0d1ksmoL0OQPRcYgj5ZBUjz-maYaFfJEGvqHiezfUmv8zA5NKss-i_SI5o5QZ70avQND6A8N0iQNPvnrHB0lUi6zWsz8UkglHrdrMmUDwmSZCZOsnc9YTkjRgOtMVNHFMMOofxxPYeYj1NUFY5bN6_GZuJD9FA70uvBZwm07J2iZNwjSZwZQxMJT3MYfG_9k088mC9bqS3ISvrMYb9ESiJn-s1OvdFjRWAA2LJ7C4ILbBNPDKslMUG6xo7DfHsbJ-jkF9p3GVEPC_Rr0lUMB8rdh-jsib39Gx-KoO0CUWUmwZ1_YlwN4jmU3XcrJuEvhlnyXG0kz_9502PkH0RVLdLQRio-gzmzHoaZ9gr5uiwGpqZxBvhTM6Nnti90Wi5D29srK4Vag0z8fsx-zHpcPxCo6R4AjLcrNhQoYO5ONLqNFf5aRYanvmX6fb5FjMm0_SOxAYlIF-NR3-GyeKpz1h-iVXrrTAfr_hsD8uVRcZDDZKjCFe8qTA1dvMEWQG9X3k9fg9rQlt7iRgpHxCG-yPjrl8p5q-f_VSPZU5m4vfoeDLFjosm80w2kntfArhABvE8kJiU7IvEVA1a40h0DU4CFkqxlPaudFk_PF8mEysKNFpcrouK4nJO51bC7HKeaDP8inncEZ9HjG4RQe2aKp3uwNcdN9kpqN6LHuOfeV9SfA4V5SZcoqCEJTw_8k3vmZxEfJDIsHbBKzDtMstNY1tzBvR6-iodVB1MiCYxGIVhGu0hfzBR3pqVyMMYYauK1KSK1S7Aq-lahb-QYEoWFFj72aIqpzEVtO1nGgqw1f7Rr6McZvUcNncJwxlEapGTZBx1GDBnVC3vIsOmgW0ovEV4jO0Y8FzKiBiuFLcVkHbtLzEY0GGUE0asI343cRXL5YbBpB6FCitRu7EAguCyzBNBtJd9JEmXe00dHw8AG77VFAJsSSAwqfaDGbdoJlyZDrS7KjzqGSc5k0pNFQ_TvVIGjDysmulA7Yrvg-Y5vi6XKc0Pg4zRa6u8j5kGu2U1Zu2h1QOvrnTjyTER82lqRhuh_HJhFzC7C3vTUZMcVYEMqKsGDdp-WhVx1Vina17m8NNMvzX8RT3s-l275QBiuK5i97x8hEC-qZBBA5ZccBv2fsg65IvINOgMfz6m7RvGMfg9VxV11OgHL1VYPsy1W0MNfYTEfMVwfg1nig1Rw8oURQF4Pe6oWK8jOYKGUoNQUoMlTUp7ahAvZJ9UThB_aU3H-UY5f8jbfKMnmYS7KoyG3UmXeoq9OY5Dn1F2dnYRhUs2kF-002fcxzQH7OzxSa8W3e9bf4Q8rW18yneitDTfT0jGNj_vOFCX9PdBLHpsDLTDyioLQqQw24G6MHLKHF3fHBNWjIdk-SSGcyO-zSJ0z5ojdwSqOBsfkpTGHOLukl4DSYUw9zwjcc8ycmo62K9d1x6lDCLdHrKn7XwbXOGJfkIracnnTlwiDEoZXqwlLg&cid=CAQSTwDICaaNM2kOeo03apGk-1rGDSw591DCLUmJj5TmMAzxfCm67IKFdgJFbpvPjLo2N6X3iRdBx9LRwq0gYZPw30DbTFJt3ZLSjuAdqj-kn7wYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.guri2o1667.work%2F&ds=l&xdt=1&iif=1&cor=16195564230596819000&adk=3062569611&idt=79&cac=0&dtd=17

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb77ba62b09c6b3bf0ced7712da8c4fb9fc25e2a61dbff07b6eef071426ed0b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12277
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B694
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

57ms
56ms

Document
text/html

2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 16:57:23 GMT
expires: Mon, 11 Dec 2023 16:57:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 16:57:22 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame E87D 51 KB
19 KB 2ms
2ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 16:12:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 348313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 16:12:09 GMT

GET
H3 200 arcadian_imgfit_stars_300x600.html Show response
tpc.googlesyndication.com/pagead/gadgets/gpa_generic_image/ Frame 03CF 6 KB
1 KB 3ms
2ms Document
text/html 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/gpa_generic_image/arcadian_imgfit_stars_300x600.html

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a073fb5df30b3c59c2c6631487c20e859d5271299e58caf54104d94f0e596a4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 66322
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 1460
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 22:32:00 GMT
etag: 12436648134351088556
expires: Mon, 11 Dec 2023 22:32:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame EB33 24 KB
9 KB 4ms
4ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=600&adk=2226316099&adf=3536934912&pi=t.aa~a.1678542404~rp.4&w=290&fwrn=4&fwrnh=100&lmt=1702313842&rafmt=1&to=qs&pwprc=9467480384&format=290x600&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313842513&bpp=1&bdt=1396&idt=0&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da4f88c66c297ed60%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw&gpic=UID%3D00000ca9b39c6e30%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA&prev_fmts=0x0%2C1030x280%2C640x200%2C640x200&nras=5&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=4023&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&psts=AOrYGskDCb6QV10UpK7VheKlsKR4ro2PLlOuO2UzYxS3QwyInpbBnALg_MxPK0Z_Kv9uZYYQohn7Ww5JzNr_JkyXKuXGJoxy&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:47:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 15:47:50 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3CC0 143 B
166 B 5ms
3ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=600&adk=2226316099&adf=3536934912&pi=t.aa~a.1678542404~rp.4&w=290&fwrn=4&fwrnh=100&lmt=1702313842&rafmt=1&to=qs&pwprc=9467480384&format=290x600&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313842513&bpp=1&bdt=1396&idt=0&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da4f88c66c297ed60%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw&gpic=UID%3D00000ca9b39c6e30%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA&prev_fmts=0x0%2C1030x280%2C640x200%2C640x200&nras=5&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=4023&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&psts=AOrYGskDCb6QV10UpK7VheKlsKR4ro2PLlOuO2UzYxS3QwyInpbBnALg_MxPK0Z_Kv9uZYYQohn7Ww5JzNr_JkyXKuXGJoxy&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=14
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 1470
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 16:32:52 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame EB33 3 KB
1 KB 5ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 03:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 03:41:17 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame EB33 20 KB
8 KB 4ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 03:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 03:41:17 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EB33 0
0 48ms
46ms Image
text/html 2404:6800:400a:805::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaStfGPYPCRQW-VmlM7VZXEct6chB6UaVNGfgEWTcKKQhP3Y1E4r5GNNWZj2CqzG5XKJGxp19QQqZvq9WKlkOOwEt1C7KA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=600&adk=2226316099&adf=3536934912&pi=t.aa~a.1678542404~rp.4&w=290&fwrn=4&fwrnh=100&lmt=1702313842&rafmt=1&to=qs&pwprc=9467480384&format=290x600&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313842513&bpp=1&bdt=1396&idt=0&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da4f88c66c297ed60%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw&gpic=UID%3D00000ca9b39c6e30%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA&prev_fmts=0x0%2C1030x280%2C640x200%2C640x200&nras=5&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=4023&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&psts=AOrYGskDCb6QV10UpK7VheKlsKR4ro2PLlOuO2UzYxS3QwyInpbBnALg_MxPK0Z_Kv9uZYYQohn7Ww5JzNr_JkyXKuXGJoxy&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=14
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:400a:805::2004 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EB33 202 KB
64 KB 60ms
56ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Dec 2023 16:57:22 GMT

GET
DATA 200
OK truncated
/ Frame 765C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db3a3b8bff3d74b7f9e8b40e467b4383d2f51d3bf2ff11d9846baaa430128037

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame EB33 0
20 B 44ms
43ms Other
image/gif 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNvFiZ_th4MDFZgCewcdnt4OsQ&gqi=cj93Zc_XI_yypt8Pjbi6yAs&layout=/pagead/gadgets/gpa_generic_image/arcadian_imgfit_stars_300x600.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 arcadian_imgfit_stars_300x600.css
tpc.googlesyndication.com/pagead/gadgets/gpa_generic_image/ Frame 03CF 13 KB
3 KB 2ms
2ms Stylesheet
text/css 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/gpa_generic_image/arcadian_imgfit_stars_300x600.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/gpa_generic_image/arcadian_imgfit_stars_300x600.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a81a5c2ff5ad3fcd835f9a5eea1f85abbe91d407c3ea70a35591bb56d728ae6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:43:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2968
x-xss-protection: 0
server: cafe
etag: 763910207578992479
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 12 Dec 2023 12:43:45 GMT

GET
H3 200 webfont.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 03CF 12 KB
5 KB 3ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/webfont.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/gpa_generic_image/arcadian_imgfit_stars_300x600.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01de7c9899895c024dfd2cdacf32ee1557b08d8fff6783b5c096a9ca2e8fa05c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4817
x-xss-protection: 0
server: cafe
etag: 66280484544214525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 11 Dec 2023 23:38:42 GMT

GET
H3 200 angular.min.js Show response
tpc.googlesyndication.com/pagead/gadgets/dynamic_utils/angular/1.6/ Frame 03CF 161 KB
56 KB 4ms
3ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/dynamic_utils/angular/1.6/angular.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/gpa_generic_image/arcadian_imgfit_stars_300x600.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac133282c7f12db30b3f786a2125f31511dd3ee7620ea94af4a7b2d9be961dd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:59:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57172
x-xss-protection: 0
server: cafe
etag: 2949113872512772443
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 12 Dec 2023 11:59:06 GMT

GET
H3 200 greensockcustom_min.js Show response
tpc.googlesyndication.com/pagead/gadgets/dynamic_utils/greensock/ Frame 03CF 126 KB
35 KB 5ms
4ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/dynamic_utils/greensock/greensockcustom_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/gpa_generic_image/arcadian_imgfit_stars_300x600.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d7caec01077344823f2f4ea2fa61623ddc63e0877fd02a413a7a1a058be3391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:44:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4387
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35311
x-xss-protection: 0
server: cafe
etag: 16288133025236708134
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 12 Dec 2023 15:44:16 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 03CF 34 KB
13 KB 6ms
5ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/gpa_generic_image/arcadian_imgfit_stars_300x600.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:44:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 12 Dec 2023 15:44:10 GMT

GET
H3 200 utils_min.js Show response
tpc.googlesyndication.com/pagead/gadgets/dynamic_utils/6/ Frame 03CF 29 KB
10 KB 8ms
7ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/dynamic_utils/6/utils_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/gpa_generic_image/arcadian_imgfit_stars_300x600.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b17395e149fb2147a23d8b5f758093d251af148273447e8582554ac38b474e79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:49:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76072
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9966
x-xss-protection: 0
server: cafe
etag: 9457161699141146922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 11 Dec 2023 19:49:31 GMT

GET
H3 200 layouts_bootstrap_v3.js Show response
tpc.googlesyndication.com/pagead/gadgets/dynamic_utils/ Frame 03CF 15 KB
4 KB 8ms
7ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/dynamic_utils/layouts_bootstrap_v3.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/gpa_generic_image/arcadian_imgfit_stars_300x600.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

382effe436be25e88c620c95147a39e45425759c57816366d634bdf0f1119007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77071
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4106
x-xss-protection: 0
server: cafe
etag: 2789564430973051843
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 11 Dec 2023 19:32:52 GMT

GET
H3 200 common_scripts_v4.js Show response
tpc.googlesyndication.com/pagead/gadgets/dynamic_utils/ Frame 03CF 25 KB
6 KB 8ms
7ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/dynamic_utils/common_scripts_v4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/gpa_generic_image/arcadian_imgfit_stars_300x600.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

028a29fd0d3995604b76a3ca4dacb7d846b695fc301182ca201f3e2b98d3eac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:40:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6551
x-xss-protection: 0
server: cafe
etag: 76614373525888418
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 11 Dec 2023 19:40:26 GMT

GET
H3 200 arcadian_imgfit_stars.js Show response
tpc.googlesyndication.com/pagead/gadgets/gpa_generic_image/ Frame 03CF 18 KB
5 KB 9ms
8ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/gpa_generic_image/arcadian_imgfit_stars.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/gpa_generic_image/arcadian_imgfit_stars_300x600.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83010b1929b3c3d6a6f4b3e4d8c1b2b2151b1463ced580aab23bdf60366de1e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:49:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4794
x-xss-protection: 0
server: cafe
etag: 8838140867059418210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 11 Dec 2023 23:49:56 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CBAE 1 KB
469 B 40ms
39ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E3%83%AC%E3%82%8B%E3%83%88%E3%81%90%E3%80%81o%E3%81%86%20%E3%83%B3z%E3%81%A6a%E3%80%82%E3%81%AE%E3%83%AB%E3%81%8A%E3%82%8A%E4%BB%8A%E3%81%A3n%E3%81%A0%E3%82%BC%E3%83%95%E3%83%83%E5%93%81%E3%83%A7%E6%9C%AB%E7%9B%9B%E8%A6%8B%E3%83%87%E3%81%95%E3%81%A7%E3%82%82%E3%81%99%E8%B2%B7m%E3%81%BE%E3%81%A8%E3%81%8F%E3%82%BB%E3%83%BC%E3%83%AA%E3%81%8B%E3%82%89%E3%81%84%E3%82%B7%E3%83%9B%E3%82%93%E3%82%81A%E3%81%88%E3%82%A1%E5%B9%B4%E6%8F%83%E3%81%8C%E5%BE%97%E3%83%97%E3%82%88

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=200&adk=2151073771&adf=1205157737&pi=t.aa~a.2625880853~rp.4&w=640&fwrn=1&fwrnh=100&lmt=1702313842&rafmt=1&to=qs&pwprc=9467480384&format=640x200&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313842513&bpp=1&bdt=1396&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da4f88c66c297ed60%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw&gpic=UID%3D00000ca9b39c6e30%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA&prev_fmts=0x0%2C1030x280&nras=3&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&psts=AOrYGskDCb6QV10UpK7VheKlsKR4ro2PLlOuO2UzYxS3QwyInpbBnALg_MxPK0Z_Kv9uZYYQohn7Ww5JzNr_JkyXKuXGJoxy&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

538bcf7665f67f09ea7e51a1f475039090a5f482c9cc4057fddffe61eb88bbc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 16:57:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 16:57:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 16:57:23 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CBAE 4 KB
656 B 71ms
70ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d95ffdcf010d6749281f6cd27c3a5f9c856d4b5590cee285f4b4fdbebce22b4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 16:57:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 16:23:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 16:57:23 GMT

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame 4DCD 51 KB
19 KB 2ms
1ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 16:12:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 348314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 16:12:09 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 765C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Ccd6ncT93ZeqWKLSp7OsPz9qp2Avy9uLfdIeF_7SLEvi0mP60PxABIJ3FrHtgifPFhPQToAGNpeTuAsgBAqkCltu4SxhXPT6oAwHIA8kEqgTpAU_QIRZyT51zUgcuseiQSMvb0C9_WHHaJmh...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x52b629da7b8948220000000000000000%22,%222%22:%220x68d376cdf5591bd40000000000000000%22,%223%22:%220x5ae37a...

0
0

39ms
39ms

Fetch
text/css

142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x52b629da7b8948220000000000000000%22,%222%22:%220x68d376cdf5591bd40000000000000000%22,%223%22:%220x5ae37a1e573c4fa70000000000000000%22,%224%22:%220xea6517d9834e779e0000000000000000%22,%225%22:%220xa1218e95a8c5e1a30000000000000000%22},%22debug_key%22:%2213629875718671580638%22,%22debug_reporting%22:true,%22destination%22:%22https://nagomi-fudousan.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22769200781%22],%224%22:[%2212-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212623257890805427681%22}&andc=true

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:23 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x52b629da7b8948220000000000000000","2":"0x68d376cdf5591bd40000000000000000","3":"0x5ae37a1e573c4fa70000000000000000","4":"0xea6517d9834e779e0000000000000000","5":"0xa1218e95a8c5e1a30000000000000000"},"debug_key":"13629875718671580638","debug_reporting":true,"destination":"https://nagomi-fudousan.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["769200781"],"4":["12-11"],"6":["true"]},"priority":"500","source_event_id":"12623257890805427681"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 11 Dec 2023 16:57:23 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 11 Dec 2023 16:57:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x52b629da7b8948220000000000000000","2":"0x68d376cdf5591bd40000000000000000","3":"0x5ae37a1e573c4fa70000000000000000","4":"0xea6517d9834e779e0000000000000000","5":"0xa1218e95a8c5e1a30000000000000000"},"debug_key":"13629875718671580638","debug_reporting":true,"destination":"https://nagomi-fudousan.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["769200781"],"4":["12-11"],"6":["true"]},"priority":"500","source_event_id":"12623257890805427681"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 9AF1 622 B
330 B 41ms
40ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E7%B7%9A%E6%9D%B1%E4%BF%9D%E5%BE%92%E3%81%88B%E6%AD%A6%E5%9C%92%E5%B0%8F%E5%B1%B1%E5%88%86%E9%96%8B%E3%81%8F%E6%AD%A9%E3%81%94%E9%A7%85%E6%80%A53%E8%94%B5i%E7%9B%AE%E3%81%84%E8%82%B2%E9%BB%92

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=200&adk=2151073771&adf=611815269&pi=t.aa~a.2625894220~rp.4&w=640&fwrn=1&fwrnh=100&lmt=1702313842&rafmt=1&to=qs&pwprc=9467480384&format=640x200&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313842513&bpp=1&bdt=1397&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da4f88c66c297ed60%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw&gpic=UID%3D00000ca9b39c6e30%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA&prev_fmts=0x0%2C1030x280%2C640x200&nras=4&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&psts=AOrYGskDCb6QV10UpK7VheKlsKR4ro2PLlOuO2UzYxS3QwyInpbBnALg_MxPK0Z_Kv9uZYYQohn7Ww5JzNr_JkyXKuXGJoxy&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62b796486b77f3bec81cc5543e3400349ddb6468c57f4111214c46d8d8fb3888

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 16:57:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 16:57:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 16:57:23 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 9AF1 2 KB
831 B 2ms
1ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=200&adk=2151073771&adf=611815269&pi=t.aa~a.2625894220~rp.4&w=640&fwrn=1&fwrnh=100&lmt=1702313842&rafmt=1&to=qs&pwprc=9467480384&format=640x200&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313842513&bpp=1&bdt=1397&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da4f88c66c297ed60%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw&gpic=UID%3D00000ca9b39c6e30%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA&prev_fmts=0x0%2C1030x280%2C640x200&nras=4&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&psts=AOrYGskDCb6QV10UpK7VheKlsKR4ro2PLlOuO2UzYxS3QwyInpbBnALg_MxPK0Z_Kv9uZYYQohn7Ww5JzNr_JkyXKuXGJoxy&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4039
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 15:50:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 9AF1 24 KB
9 KB 2ms
1ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=200&adk=2151073771&adf=611815269&pi=t.aa~a.2625894220~rp.4&w=640&fwrn=1&fwrnh=100&lmt=1702313842&rafmt=1&to=qs&pwprc=9467480384&format=640x200&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313842513&bpp=1&bdt=1397&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da4f88c66c297ed60%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw&gpic=UID%3D00000ca9b39c6e30%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA&prev_fmts=0x0%2C1030x280%2C640x200&nras=4&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&psts=AOrYGskDCb6QV10UpK7VheKlsKR4ro2PLlOuO2UzYxS3QwyInpbBnALg_MxPK0Z_Kv9uZYYQohn7Ww5JzNr_JkyXKuXGJoxy&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:47:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 15:47:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 9AF1 3 KB
1 KB 3ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=200&adk=2151073771&adf=611815269&pi=t.aa~a.2625894220~rp.4&w=640&fwrn=1&fwrnh=100&lmt=1702313842&rafmt=1&to=qs&pwprc=9467480384&format=640x200&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313842513&bpp=1&bdt=1397&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da4f88c66c297ed60%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw&gpic=UID%3D00000ca9b39c6e30%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA&prev_fmts=0x0%2C1030x280%2C640x200&nras=4&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&psts=AOrYGskDCb6QV10UpK7VheKlsKR4ro2PLlOuO2UzYxS3QwyInpbBnALg_MxPK0Z_Kv9uZYYQohn7Ww5JzNr_JkyXKuXGJoxy&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 03:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 03:41:17 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 9AF1 20 KB
8 KB 3ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=200&adk=2151073771&adf=611815269&pi=t.aa~a.2625894220~rp.4&w=640&fwrn=1&fwrnh=100&lmt=1702313842&rafmt=1&to=qs&pwprc=9467480384&format=640x200&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313842513&bpp=1&bdt=1397&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da4f88c66c297ed60%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw&gpic=UID%3D00000ca9b39c6e30%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA&prev_fmts=0x0%2C1030x280%2C640x200&nras=4&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&psts=AOrYGskDCb6QV10UpK7VheKlsKR4ro2PLlOuO2UzYxS3QwyInpbBnALg_MxPK0Z_Kv9uZYYQohn7Ww5JzNr_JkyXKuXGJoxy&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 03:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 03:41:17 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9AF1 0
0 48ms
47ms Image
text/html 2404:6800:400a:805::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaROY7K6ersot_WlJt9uBN3rqMJxLDgSMT6KJF2wA0vfkW13g6iaz9pucaUyThyWQMzJLPohZH2puf8Pv0YGrU_bvy_5XQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=200&adk=2151073771&adf=611815269&pi=t.aa~a.2625894220~rp.4&w=640&fwrn=1&fwrnh=100&lmt=1702313842&rafmt=1&to=qs&pwprc=9467480384&format=640x200&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313842513&bpp=1&bdt=1397&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da4f88c66c297ed60%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw&gpic=UID%3D00000ca9b39c6e30%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA&prev_fmts=0x0%2C1030x280%2C640x200&nras=4&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&psts=AOrYGskDCb6QV10UpK7VheKlsKR4ro2PLlOuO2UzYxS3QwyInpbBnALg_MxPK0Z_Kv9uZYYQohn7Ww5JzNr_JkyXKuXGJoxy&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:400a:805::2004 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9AF1 202 KB
64 KB 83ms
82ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=200&adk=2151073771&adf=611815269&pi=t.aa~a.2625894220~rp.4&w=640&fwrn=1&fwrnh=100&lmt=1702313842&rafmt=1&to=qs&pwprc=9467480384&format=640x200&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313842513&bpp=1&bdt=1397&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da4f88c66c297ed60%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw&gpic=UID%3D00000ca9b39c6e30%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA&prev_fmts=0x0%2C1030x280%2C640x200&nras=4&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&psts=AOrYGskDCb6QV10UpK7VheKlsKR4ro2PLlOuO2UzYxS3QwyInpbBnALg_MxPK0Z_Kv9uZYYQohn7Ww5JzNr_JkyXKuXGJoxy&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Dec 2023 16:57:23 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 9AF1 37 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=200&adk=2151073771&adf=611815269&pi=t.aa~a.2625894220~rp.4&w=640&fwrn=1&fwrnh=100&lmt=1702313842&rafmt=1&to=qs&pwprc=9467480384&format=640x200&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313842513&bpp=1&bdt=1397&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da4f88c66c297ed60%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw&gpic=UID%3D00000ca9b39c6e30%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA&prev_fmts=0x0%2C1030x280%2C640x200&nras=4&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&psts=AOrYGskDCb6QV10UpK7VheKlsKR4ro2PLlOuO2UzYxS3QwyInpbBnALg_MxPK0Z_Kv9uZYYQohn7Ww5JzNr_JkyXKuXGJoxy&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 333405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 04:10:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 06 Mar 2024 20:20:38 GMT

GET
DATA 200
OK truncated
/ Frame 03CF 324 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 337b48582e678fbdd44cad7ae127b0312ec4a92fc0b5f1bcfce283926f7b5eee

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 03CF 382 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7dbe38248f4e160c4065df4c5ec4ada558e7abdbb17673635645c3aa527f4df0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame EB33 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5293e94c7b769b6690121138ac058787bef37ef4730bc12805783ca94182fcb5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame CBAE 2 KB
831 B 2ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4039
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 15:50:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame CBAE 24 KB
9 KB 3ms
3ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:47:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 15:47:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame CBAE 3 KB
1 KB 3ms
3ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 03:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 03:41:17 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9EB4 1 KB
643 B 3ms
2ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 62320
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 23:38:43 GMT
etag: 48472445140208031
expires: Mon, 11 Dec 2023 23:38:43 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame CBAE 20 KB
8 KB 3ms
2ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 03:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 03:41:17 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CBAE 0
0 49ms
47ms Image
text/html 2404:6800:400a:805::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSSp9D-6LX25rzonmx6ejrc7z95CnEAR_uM3yrgl-tMMlozZSYfFswx3xTAk8WFb1E5qfeyXl4oB2QYOHZ1xOK2FeuCsw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=200&adk=2151073771&adf=1205157737&pi=t.aa~a.2625880853~rp.4&w=640&fwrn=1&fwrnh=100&lmt=1702313842&rafmt=1&to=qs&pwprc=9467480384&format=640x200&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313842513&bpp=1&bdt=1396&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da4f88c66c297ed60%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw&gpic=UID%3D00000ca9b39c6e30%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA&prev_fmts=0x0%2C1030x280&nras=3&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=2817&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&psts=AOrYGskDCb6QV10UpK7VheKlsKR4ro2PLlOuO2UzYxS3QwyInpbBnALg_MxPK0Z_Kv9uZYYQohn7Ww5JzNr_JkyXKuXGJoxy&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:400a:805::2004 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame CBAE 202 KB
64 KB 141ms
139ms Script
text/javascript 2404:6800:4004:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Dec 2023 16:57:23 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame CBAE 37 KB
15 KB 4ms
2ms Script
text/javascript 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 333405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 04:10:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 06 Mar 2024 20:20:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 66B8 1 KB
643 B 1ms
1ms Document
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=200&adk=2151073771&adf=611815269&pi=t.aa~a.2625894220~rp.4&w=640&fwrn=1&fwrnh=100&lmt=1702313842&rafmt=1&to=qs&pwprc=9467480384&format=640x200&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313842513&bpp=1&bdt=1397&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da4f88c66c297ed60%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw&gpic=UID%3D00000ca9b39c6e30%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA&prev_fmts=0x0%2C1030x280%2C640x200&nras=4&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&psts=AOrYGskDCb6QV10UpK7VheKlsKR4ro2PLlOuO2UzYxS3QwyInpbBnALg_MxPK0Z_Kv9uZYYQohn7Ww5JzNr_JkyXKuXGJoxy&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 62320
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 23:38:43 GMT
etag: 48472445140208031
expires: Mon, 11 Dec 2023 23:38:43 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/3508696970890631128/ Frame CBAE 21 KB
21 KB 2ms
2ms Image
image/jpeg 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3508696970890631128/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8036e6aba32d5a232a542b4c9d61d31babc76c8dc847de19e5f8ff812e06676

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:00:19 GMT
x-content-type-options: nosniff
age: 7024
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21112
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 07:56:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 15:00:19 GMT

GET
H3 200 1874494414482181584
tpc.googlesyndication.com/simgad/ Frame 9AF1 24 KB
25 KB 2ms
2ms Image
image/png 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1874494414482181584?w=400&h=209&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=200&adk=2151073771&adf=611815269&pi=t.aa~a.2625894220~rp.4&w=640&fwrn=1&fwrnh=100&lmt=1702313842&rafmt=1&to=qs&pwprc=9467480384&format=640x200&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313842513&bpp=1&bdt=1397&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da4f88c66c297ed60%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw&gpic=UID%3D00000ca9b39c6e30%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA&prev_fmts=0x0%2C1030x280%2C640x200&nras=4&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&psts=AOrYGskDCb6QV10UpK7VheKlsKR4ro2PLlOuO2UzYxS3QwyInpbBnALg_MxPK0Z_Kv9uZYYQohn7Ww5JzNr_JkyXKuXGJoxy&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83c0dd4f8fb4d53e1a1f28484cf8dedc0a2b4ae2ad9b1fcd62939a20eb4cb7cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 01:56:12 GMT
x-content-type-options: nosniff
age: 486071
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25076
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 08:49:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 05 Dec 2024 01:56:12 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/4415036788792893029/ Frame 9AF1 2 KB
2 KB 2ms
2ms Image
image/jpeg 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4415036788792893029/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=200&adk=2151073771&adf=611815269&pi=t.aa~a.2625894220~rp.4&w=640&fwrn=1&fwrnh=100&lmt=1702313842&rafmt=1&to=qs&pwprc=9467480384&format=640x200&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313842513&bpp=1&bdt=1397&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da4f88c66c297ed60%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw&gpic=UID%3D00000ca9b39c6e30%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA&prev_fmts=0x0%2C1030x280%2C640x200&nras=4&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&psts=AOrYGskDCb6QV10UpK7VheKlsKR4ro2PLlOuO2UzYxS3QwyInpbBnALg_MxPK0Z_Kv9uZYYQohn7Ww5JzNr_JkyXKuXGJoxy&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2f15f6258ea8cb74db1ad6e3ae6941a2f404136c021c0441bf58a5244dbfd7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:42:58 GMT
x-content-type-options: nosniff
age: 350065
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1821
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 08:51:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 06 Dec 2024 15:42:58 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3CC0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

41ms
41ms

Document
text/html

2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 16:57:23 GMT
expires: Mon, 11 Dec 2023 16:57:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 16:57:23 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame A809 41 KB
14 KB 2ms
1ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AzJEKBNlVK5ZTfifhp_FLrJplq-uwfqCaaBjvC_p-WECRaYXJMcGGk5tGMI3tk95UB5XUfbQdoA2gDw1ibBfi2ycuUC4nYLhWoeG2s0BePkAioCgQG_AAjhF1sbWLh6UMS6HYpcjyiAM4xW4XZKnf2sd4Kr6JCP0hjaPbloLR6OvZc7Z0&cry=1&dbm_d=AKAmf-C6fpOS-tB5PQGASCjxZQdbNdCmWvBVYHpl4xj3y0ITH2VjWs2gAfFNltiplygrM7HTXY6tKPtZxDjnq_uA7nrYRSaTUCWgGdjr3zEZYtvRS-xIuRe3YnfZgI-X9EqvL23j6ni5jmlG6A7tutVQKUkKCXzhoMc4rv5M2ERgMC9SIFbXjWkK7KgkmtSmYTh43elqfr68n7M2TxdEFFTZjtDWE94UCJvX5qkSUcDoqeFGznFI3OCBysh1wC0jvIIGqJvE8jiLj-Bsk3RjClRB7-4WkY9C7wSpjSd8DMXHuZmUjxCEB6XK5U8CEVRQ3PXBFgXm5aYFKXcZ7cuDcT3QGmfZfE4uhcteJ-cfVoidPGzpPRL95SYqhN8zYL4aZiwCq6IJZaH3GNXhbwq3LnEdxvt0t4wexR1bU-KATmfQ9z-5L-obwUl4ccZgxVuybnupVDDOeidZP8d3MTe8GKoLfgmH7Y721tlFHsYYBP7zI25TFc3JMWwJ9uBQQ8ct3vrY4NeWit08Fi1OXaBs5NFJSU-bsavjzonEvF00ORc1eX2HgQjnTYO3HKNUz85qTRS1mloNyC6com0Nr_By27W8N8GF7brTHT71uo8pzzrV29cdnxwqQ_R7njAQkfDsdiSlyMIFITu1Dchu3CBANdDWD5Vh7P5YzEMPZyjBn07wfqxYSA6P2mUz84U-uX9UB6Tk6Xiqwh4nB2s8OyrjImElaY3JBvjSM4Vn6rRmjGfh6Mb3lCj7PnKI8FQVB1t_bfP70TUstRHzLfnozePsc9Ahj8GnZEcYomnM_RhZ6cxdVC_dGRQjY8dFRxyjuoEHXl60jpwlDx0m0j42btJWE3QOLciPlEYPdvG1XRTYEBI1yRMBEMt0DVvgGsycNWvgGae2Z-DrDm0cXgU5v7KdTM9YoJu4HpSAFsHjTS_pOdsdbg8RmZ9p6QfuC4x6mLWW45jpknXPBzS6sWGvj9BYJXGCAmGrXNo4Jg_48WN81hgevTA9tZn4zgHrHyYSMNy2V_5D-GCWcQX9LKpx0Xr9zyj5hGGNzHg8NS5kw7QmlPj4Qly182fnNHtEWV1jdas2sWOD3CCGuvsM0oDQ2GXwGvzt4Uh0gaPRV1ald92v0SWIu_Ey8Fn9awnBSl3NWwLZVqKqHcxPJCvcu1xbPvobZC-YheVyJD0BJoSTA_dpeNHXJOkJPzwnUZ9WceH0Rr0UYUHpQuAvG3z8JmxtmPw52kyEje3mVbqh5Ekf7ocsnl0OdHyOI7IPzEG52ys0ZH8thcE0I5osRHIrnUx8XisGP6keXkYEQkAeIe1SiiCxzcQ-6iy6eaMzUiMq3FcMVlbkYLabqW0b3OGBKLZrFXRcEsIb5ZCMzvsBgWF7KbYfhQjzE7teaMALCUBAIWChwOMo-_Qr0sv-8Rh2V_mr-DBq1ArT-x9Nd5ewGq9R_0fsLeNIJldfirveaunXJn8N3djIr_draf4ICjk-TM-v5hH3DCN1GreKjmQgz6QxBkmdPPcYDqPQ2Fk0jCYvvLFDpteNuNdu7ge7Q1iJpUpAZgzv_xtUhi-FhdNYMpvsBgIwzTqhAA-Kx8a-EJqmyjNnDXgCP8VNZU-CuKC4CBc7zgIVG-mRE4Z9Ke2Kdl0d1ksmoL0OQPRcYgj5ZBUjz-maYaFfJEGvqHiezfUmv8zA5NKss-i_SI5o5QZ70avQND6A8N0iQNPvnrHB0lUi6zWsz8UkglHrdrMmUDwmSZCZOsnc9YTkjRgOtMVNHFMMOofxxPYeYj1NUFY5bN6_GZuJD9FA70uvBZwm07J2iZNwjSZwZQxMJT3MYfG_9k088mC9bqS3ISvrMYb9ESiJn-s1OvdFjRWAA2LJ7C4ILbBNPDKslMUG6xo7DfHsbJ-jkF9p3GVEPC_Rr0lUMB8rdh-jsib39Gx-KoO0CUWUmwZ1_YlwN4jmU3XcrJuEvhlnyXG0kz_9502PkH0RVLdLQRio-gzmzHoaZ9gr5uiwGpqZxBvhTM6Nnti90Wi5D29srK4Vag0z8fsx-zHpcPxCo6R4AjLcrNhQoYO5ONLqNFf5aRYanvmX6fb5FjMm0_SOxAYlIF-NR3-GyeKpz1h-iVXrrTAfr_hsD8uVRcZDDZKjCFe8qTA1dvMEWQG9X3k9fg9rQlt7iRgpHxCG-yPjrl8p5q-f_VSPZU5m4vfoeDLFjosm80w2kntfArhABvE8kJiU7IvEVA1a40h0DU4CFkqxlPaudFk_PF8mEysKNFpcrouK4nJO51bC7HKeaDP8inncEZ9HjG4RQe2aKp3uwNcdN9kpqN6LHuOfeV9SfA4V5SZcoqCEJTw_8k3vmZxEfJDIsHbBKzDtMstNY1tzBvR6-iodVB1MiCYxGIVhGu0hfzBR3pqVyMMYYauK1KSK1S7Aq-lahb-QYEoWFFj72aIqpzEVtO1nGgqw1f7Rr6McZvUcNncJwxlEapGTZBx1GDBnVC3vIsOmgW0ovEV4jO0Y8FzKiBiuFLcVkHbtLzEY0GGUE0asI343cRXL5YbBpB6FCitRu7EAguCyzBNBtJd9JEmXe00dHw8AG77VFAJsSSAwqfaDGbdoJlyZDrS7KjzqGSc5k0pNFQ_TvVIGjDysmulA7Yrvg-Y5vi6XKc0Pg4zRa6u8j5kGu2U1Zu2h1QOvrnTjyTER82lqRhuh_HJhFzC7C3vTUZMcVYEMqKsGDdp-WhVx1Vina17m8NNMvzX8RT3s-l275QBiuK5i97x8hEC-qZBBA5ZccBv2fsg65IvINOgMfz6m7RvGMfg9VxV11OgHL1VYPsy1W0MNfYTEfMVwfg1nig1Rw8oURQF4Pe6oWK8jOYKGUoNQUoMlTUp7ahAvZJ9UThB_aU3H-UY5f8jbfKMnmYS7KoyG3UmXeoq9OY5Dn1F2dnYRhUs2kF-002fcxzQH7OzxSa8W3e9bf4Q8rW18yneitDTfT0jGNj_vOFCX9PdBLHpsDLTDyioLQqQw24G6MHLKHF3fHBNWjIdk-SSGcyO-zSJ0z5ojdwSqOBsfkpTGHOLukl4DSYUw9zwjcc8ycmo62K9d1x6lDCLdHrKn7XwbXOGJfkIracnnTlwiDEoZXqwlLg&cid=CAQSTwDICaaNM2kOeo03apGk-1rGDSw591DCLUmJj5TmMAzxfCm67IKFdgJFbpvPjLo2N6X3iRdBx9LRwq0gYZPw30DbTFJt3ZLSjuAdqj-kn7wYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.guri2o1667.work%2F&ds=l&xdt=1&iif=1&cor=16195564230596819000&adk=3062569611&idt=79&cac=0&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 14:48:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 526138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 14:48:25 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame A809
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1525516/72173817/xbbe/creative/adj?p=APEucNWccohOKjOnEzYz-D57YpQ--Wvq81XkvBlV6GAKit_bMbFYiE0&d=CokBAKAmf-BUBL2Ur7vBucBKR7YjZHQF6sPmI8D1wQbULOWNSpktvG1P4i6WB0-...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWccohOKjOnEzYz-D57YpQ--Wvq81XkvBlV6GAKit_bMbFYiE0&d=CokBAKAmf-BUBL2Ur7vBucBKR7YjZHQF6sPmI8D1wQbULOWNSpktvG1P4i6WB0-6uVx1d_MQo7aFs2ZCFKXvBrARL...

53 KB
22 KB

189ms
72ms

Script
text/javascript

142.251.8.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWccohOKjOnEzYz-D57YpQ--Wvq81XkvBlV6GAKit_bMbFYiE0&d=CokBAKAmf-BUBL2Ur7vBucBKR7YjZHQF6sPmI8D1wQbULOWNSpktvG1P4i6WB0-6uVx1d_MQo7aFs2ZCFKXvBrARL7sIcVfsJKqxm5iV0coiVJJOIykfHhzgLdVdVF9LXDF0ZOBV8sFUj_CfzN2AxRbhzF7ECd_Q8UR_jTo5G_aZgXg9iYEbHbTn3EISiRUAoCZ_4OFeIVgyA2HZlMybtIX8mrSLlq4fdq-I0nTB-uShGhwCU6qWovruQFy4HbCVvwFcTTR0cYB7ltqMqo8LaVjWEhw_UZmMC8g18c0Vgp3o1jvHEo2H5YtBs4XFGJW1m0yyxAiwi3xwV9MoKvN9A-RpXWfAEEoTBN-eM_6t-CY4z1QKT2UcyHYk178Y9iyNepHwvVPGKDG4pCzehKdC0pkE0NF89A9Qcf2-xoUSG87HSZKhoFAO4csUjFVv6XogOGXJKV7J9U9_KlecRrGGdnxpbI_rlxgQm80j3RkJ0LkbpRXW8nzI8V94hFuPrRt6eDIGQnldlFZDk2dPYUO8aTFYesAjRH4ciybVdZyUsKUn366UQlFC-N4_R_DtlN-0th6VStCwW5Bf_hNkecOdSG5jm5fHTnyXNAhTyBPJhijPfIE8h_C-_la6glif3yB70BroZXuPMuxELCfHn6a_gkovc29Q4pAOM0aSSqKenNdOh5sBFVzA_IbeEXKyQ2qZIy9k0SkGwlQBP9XZaepk-Ci7y136Va_BTh3aXWXuYQWswn_vfW-UYFALR_gqg9OeCxh65VQNvMEbhC9cz4M0cisxHEN-UDeQ7n5FE8SUt-DQRmvIMdFGCAH0rkWdYDEAMV625MpU12XR8q1zPxv3mdp-yhrIWmGXe07Je4mIlXfp3Odn7MPFnOLwW-o_BTiPoYgRo8pd85eIp4B1D8asgLGf_x6Iy4rkhY76rWU6gWy4XwV5SXJwU_kHBUsdUqttRe33vP-girvO7ZpQH0y2zriMhS42Jf_BgqzLWVeuvuSI-kp7sQpfQG6ACuFN-Qr1nxVXl1gqzn5tBODykUvUo04P5R0GtGd4ttUx33k-4wxG-eoq1PVMFBTf7qRirZlhOoIgFlw7TUe0w_PNZwg6xWQRwQkPsugM20z3AM7pfOjfoXeWFB6uaP7bCX8xySg-_vgcgqlTzccRlWHEnZ35S2FVrcoww09E2OAH_k_fDRpRCrxDfy0nHf332O_6rexumy9WWf5rrw9l8IuGaag6qCeaupJhPZYPGm2H-FtkyEhuGTNOs03W2Nc0VKkJawXwONe1P7YZb-6gmc6XcmDHsgywGVXIrRg7SYLFk4xHCQBw32A8UxWUSODKC0IQ6vzgmjq1zxcSAY7RYvm2CLUPRsmBG7O4J8sBh2WGwExLfdPEvNI9p13QWMFvUlJKHGt7i_PdqJ8hlCMq91kGqfSkC2pYPx58b2-ZlwNnGDhs8DDZqvpOAGjI-JsQs8tNx895FyXlbgmr9XYjcIZJmCBIe6Rx_mPylxGIpSGr8pvapI7yW9aCdNxKTLBqK2OGMg1iEFCTxFiIHfHHiH2ytVHsiJOtVGP61--xo53evxY-6_JJFSET4356ONvtVPDRA5jxu0kNZYatZQSIufXGzKAXr5umZxofSPmgLZb92NNSgMUnvYkDslVAbrTfIJG-suSqVvkN-mGMrBHTcg1ZC4rhELCyPC9yRMIlbgkv5T-ud1DAf5QAQ3UddG-hefnRMwaVehwtGXRHdTrKIVbpgLqsMJOMpRFq6LImhYOXqAC8deXmmJUzSoJa2xtvYXcpPprzxM07Hrzd2tU0YhrmINno_WT154WpBKxW8hlNnX3xaQqJDh2QXObAfU4TaqovbaFGIyAgun7wjm7TsQG6IvsiwqwkRKr690idv9cwjVDM6koqMG23T6aYydUGto1l1SjRTxOPaqbvHvnyxOeVhNs2QR2uw1CaTLctQV79gM4EcUs1vHeHJwFJDWk5LHFYJiPfwPXSKt2-roGB8fiQW3qUFSDuv4I8VvAXB9lPy-Km6-aEIG0FUfKPMwAycghlGsDEkbpUfYWaDMRHiY6-p96bsyke0wekXtPGPZ7AgyFJG4MZ2PYjgyiIrgM6LzEMaMz2HNcgabOvHBZrbk8v-Hv_nOfkY3iie7xvW-1AjYQUVb12yoFESGp2ZOGUyftiIpqC1bu3UrRZA4jiF-3kZ64uiy7nW_xot6pZ9ZpHF56OPJRk7FKraXzRg6J5uAgFCWWL0Q2Cdtor3sB2Vcmw3SGkcMxnCbPeso3udgAbdot25TgYhTn1QyxtOrhDG_anoeEHAc6HtepRewLtMBzWVM8FG0lH8STkq25kVnZ1nzT1qXR0VRNCkqbdmO-vSj36B-c9gKdby42IjtC7VbGkMzMt1aExIGDjc8DZXqx5FWVPj_0VOj4zZeWK2AchM8LxpI_es627ArnKhPm6c4Lh90-FjXV8jwzrJfdfM42FGu7AP_5fQEdqnVSpXPBRlDZAju9uGnAocdrCHa3vJWrbNj1RD5dFHxXLGll4S6_j-2cnt8iQaCSnfiYpE4gnPyJX6kb0A7Cp0lHCAIGLR6h6LHLaedgcCTN3wacC0pWy-KTM5loFuhvc6eFWDUKgxrNNMPYIrlw4ji-nZrouCGKBUgeJO_R_NzbRQEp9cuSmxX1mnCegxLNcFRFTszGl7sg20MogSDwSkmHcc1Ru0Rcdr-jfBQZfZ4MaFoPSoMAssXKGO-P6edZye19P-RR4XGORCRNXc18zlvg6nWpfDFwZ5R4aGBCp5Z_urMLB6RzbEJ1vAAo7sq3DP6K827Mn3le3A_n7tgDkJ87t3iMK6iXDA4092t6B2GWPRXAgYUm-saO6m96ezmVws8lx5HfBOtl9eXWTXcTaAovOwNwmr13IAlNacB1gsZ5Jdo_unPeLytICH9vrFTrAbjIxG481OovZF2VW4Qqz8n4lssdf_B_plSZ0jqx8_pxiDOmMwkjM7plcajb2MFJogDwome0JR2eZNDwjWbFnEMkMyKBLLYEYLfX1Lfe8hv0WNEf_oe_3dFH8bLBKE9x2LVQfbPnkZs6N6ug9I2aqysVaOkRrurrTtGTjUPOrAmHwcgTXOnfWF-tXXSBvifc55re4TKbZRRRlKKxQBzSgPshrYijBdK2ND8zcKeCizktdfQSo7N4nzfaUbzmTfaKqsLf8ahDFE_jO_GyYjot7h0AH7TclQH5JIlCcZcEzex-ElQbtpr4N8o-ZUH_zX-R63DT11mHcpLLlUoMu6ewTT81Z5FZWUAaf5VdkMKUPrq9SSAbKpj46hfEJLOvv10wSQypPHLh5B8mfauXTI-cwhk9c_Dr6Tn5u4gBCWpfhjgfj-OI3C9-u2qYy408-lMZMAoCZnq3n2WLu91D_NuBj0d48LvP2g9LbS4l-KhDy7dsnT2on_wE_K-sYZ_scH8Fv3ZkR4XtnQVZcyNIjkJIzcRda-4Na5C8IyX8MRSqD6XPinOi5Sdb6kNoRd6pDc_oLRQkK7bL_lj2Zw8Wg-zfQn-AhQ3o1Ssg8sMkzZ2Hz64HnKkeIF1-l3f4tUx4aIuZ4iGs-JjrZ6zR66rlnpj6CrasvEvA48HaqqCLo6g-QArBlhL-MdqoWsOFPaCBgvOsmRO4hIReY1AYU8Kah4mPuVPTLuSkNxAQmv73EdXhfSKGTqmOZTgNo6m65GughbZ6n8wOX1lAo-fKwZzBvPEDmAGvJ92izgboFO2R33waf2__ayDlrqKkm0iZQi6omKhHZH5wyb-_CLsGlhjYRoCJ8pJOseu0aVQgEEk8AyAmmjTNpDnqNN2qRpPtaxg0sOfdQwi1JiY-U5jAM8XwpuuyChXYCRW6bz4y6Njel94kXQcfS0cKtIGGT8N9A20xSbd2S0o7gHao_pJ-8GAFgAQ&cry=1&bundleId=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.251.8.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tb-in-f156.1e100.net

Software

cafe /

Resource Hash

3a5ddf9ab9ac5247e3aca581f86a821eb7145960e390d6ca4088adf276ed9aaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21633
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:23 GMT
server: nginx
x-server-name: app05.jp.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWccohOKjOnEzYz-D57YpQ--Wvq81XkvBlV6GAKit_bMbFYiE0&d=CokBAKAmf-BUBL2Ur7vBucBKR7YjZHQF6sPmI8D1wQbULOWNSpktvG1P4i6WB0-6uVx1d_MQo7aFs2ZCFKXvBrARL7sIcVfsJKqxm5iV0coiVJJOIykfHhzgLdVdVF9LXDF0ZOBV8sFUj_CfzN2AxRbhzF7ECd_Q8UR_jTo5G_aZgXg9iYEbHbTn3EISiRUAoCZ_4OFeIVgyA2HZlMybtIX8mrSLlq4fdq-I0nTB-uShGhwCU6qWovruQFy4HbCVvwFcTTR0cYB7ltqMqo8LaVjWEhw_UZmMC8g18c0Vgp3o1jvHEo2H5YtBs4XFGJW1m0yyxAiwi3xwV9MoKvN9A-RpXWfAEEoTBN-eM_6t-CY4z1QKT2UcyHYk178Y9iyNepHwvVPGKDG4pCzehKdC0pkE0NF89A9Qcf2-xoUSG87HSZKhoFAO4csUjFVv6XogOGXJKV7J9U9_KlecRrGGdnxpbI_rlxgQm80j3RkJ0LkbpRXW8nzI8V94hFuPrRt6eDIGQnldlFZDk2dPYUO8aTFYesAjRH4ciybVdZyUsKUn366UQlFC-N4_R_DtlN-0th6VStCwW5Bf_hNkecOdSG5jm5fHTnyXNAhTyBPJhijPfIE8h_C-_la6glif3yB70BroZXuPMuxELCfHn6a_gkovc29Q4pAOM0aSSqKenNdOh5sBFVzA_IbeEXKyQ2qZIy9k0SkGwlQBP9XZaepk-Ci7y136Va_BTh3aXWXuYQWswn_vfW-UYFALR_gqg9OeCxh65VQNvMEbhC9cz4M0cisxHEN-UDeQ7n5FE8SUt-DQRmvIMdFGCAH0rkWdYDEAMV625MpU12XR8q1zPxv3mdp-yhrIWmGXe07Je4mIlXfp3Odn7MPFnOLwW-o_BTiPoYgRo8pd85eIp4B1D8asgLGf_x6Iy4rkhY76rWU6gWy4XwV5SXJwU_kHBUsdUqttRe33vP-girvO7ZpQH0y2zriMhS42Jf_BgqzLWVeuvuSI-kp7sQpfQG6ACuFN-Qr1nxVXl1gqzn5tBODykUvUo04P5R0GtGd4ttUx33k-4wxG-eoq1PVMFBTf7qRirZlhOoIgFlw7TUe0w_PNZwg6xWQRwQkPsugM20z3AM7pfOjfoXeWFB6uaP7bCX8xySg-_vgcgqlTzccRlWHEnZ35S2FVrcoww09E2OAH_k_fDRpRCrxDfy0nHf332O_6rexumy9WWf5rrw9l8IuGaag6qCeaupJhPZYPGm2H-FtkyEhuGTNOs03W2Nc0VKkJawXwONe1P7YZb-6gmc6XcmDHsgywGVXIrRg7SYLFk4xHCQBw32A8UxWUSODKC0IQ6vzgmjq1zxcSAY7RYvm2CLUPRsmBG7O4J8sBh2WGwExLfdPEvNI9p13QWMFvUlJKHGt7i_PdqJ8hlCMq91kGqfSkC2pYPx58b2-ZlwNnGDhs8DDZqvpOAGjI-JsQs8tNx895FyXlbgmr9XYjcIZJmCBIe6Rx_mPylxGIpSGr8pvapI7yW9aCdNxKTLBqK2OGMg1iEFCTxFiIHfHHiH2ytVHsiJOtVGP61--xo53evxY-6_JJFSET4356ONvtVPDRA5jxu0kNZYatZQSIufXGzKAXr5umZxofSPmgLZb92NNSgMUnvYkDslVAbrTfIJG-suSqVvkN-mGMrBHTcg1ZC4rhELCyPC9yRMIlbgkv5T-ud1DAf5QAQ3UddG-hefnRMwaVehwtGXRHdTrKIVbpgLqsMJOMpRFq6LImhYOXqAC8deXmmJUzSoJa2xtvYXcpPprzxM07Hrzd2tU0YhrmINno_WT154WpBKxW8hlNnX3xaQqJDh2QXObAfU4TaqovbaFGIyAgun7wjm7TsQG6IvsiwqwkRKr690idv9cwjVDM6koqMG23T6aYydUGto1l1SjRTxOPaqbvHvnyxOeVhNs2QR2uw1CaTLctQV79gM4EcUs1vHeHJwFJDWk5LHFYJiPfwPXSKt2-roGB8fiQW3qUFSDuv4I8VvAXB9lPy-Km6-aEIG0FUfKPMwAycghlGsDEkbpUfYWaDMRHiY6-p96bsyke0wekXtPGPZ7AgyFJG4MZ2PYjgyiIrgM6LzEMaMz2HNcgabOvHBZrbk8v-Hv_nOfkY3iie7xvW-1AjYQUVb12yoFESGp2ZOGUyftiIpqC1bu3UrRZA4jiF-3kZ64uiy7nW_xot6pZ9ZpHF56OPJRk7FKraXzRg6J5uAgFCWWL0Q2Cdtor3sB2Vcmw3SGkcMxnCbPeso3udgAbdot25TgYhTn1QyxtOrhDG_anoeEHAc6HtepRewLtMBzWVM8FG0lH8STkq25kVnZ1nzT1qXR0VRNCkqbdmO-vSj36B-c9gKdby42IjtC7VbGkMzMt1aExIGDjc8DZXqx5FWVPj_0VOj4zZeWK2AchM8LxpI_es627ArnKhPm6c4Lh90-FjXV8jwzrJfdfM42FGu7AP_5fQEdqnVSpXPBRlDZAju9uGnAocdrCHa3vJWrbNj1RD5dFHxXLGll4S6_j-2cnt8iQaCSnfiYpE4gnPyJX6kb0A7Cp0lHCAIGLR6h6LHLaedgcCTN3wacC0pWy-KTM5loFuhvc6eFWDUKgxrNNMPYIrlw4ji-nZrouCGKBUgeJO_R_NzbRQEp9cuSmxX1mnCegxLNcFRFTszGl7sg20MogSDwSkmHcc1Ru0Rcdr-jfBQZfZ4MaFoPSoMAssXKGO-P6edZye19P-RR4XGORCRNXc18zlvg6nWpfDFwZ5R4aGBCp5Z_urMLB6RzbEJ1vAAo7sq3DP6K827Mn3le3A_n7tgDkJ87t3iMK6iXDA4092t6B2GWPRXAgYUm-saO6m96ezmVws8lx5HfBOtl9eXWTXcTaAovOwNwmr13IAlNacB1gsZ5Jdo_unPeLytICH9vrFTrAbjIxG481OovZF2VW4Qqz8n4lssdf_B_plSZ0jqx8_pxiDOmMwkjM7plcajb2MFJogDwome0JR2eZNDwjWbFnEMkMyKBLLYEYLfX1Lfe8hv0WNEf_oe_3dFH8bLBKE9x2LVQfbPnkZs6N6ug9I2aqysVaOkRrurrTtGTjUPOrAmHwcgTXOnfWF-tXXSBvifc55re4TKbZRRRlKKxQBzSgPshrYijBdK2ND8zcKeCizktdfQSo7N4nzfaUbzmTfaKqsLf8ahDFE_jO_GyYjot7h0AH7TclQH5JIlCcZcEzex-ElQbtpr4N8o-ZUH_zX-R63DT11mHcpLLlUoMu6ewTT81Z5FZWUAaf5VdkMKUPrq9SSAbKpj46hfEJLOvv10wSQypPHLh5B8mfauXTI-cwhk9c_Dr6Tn5u4gBCWpfhjgfj-OI3C9-u2qYy408-lMZMAoCZnq3n2WLu91D_NuBj0d48LvP2g9LbS4l-KhDy7dsnT2on_wE_K-sYZ_scH8Fv3ZkR4XtnQVZcyNIjkJIzcRda-4Na5C8IyX8MRSqD6XPinOi5Sdb6kNoRd6pDc_oLRQkK7bL_lj2Zw8Wg-zfQn-AhQ3o1Ssg8sMkzZ2Hz64HnKkeIF1-l3f4tUx4aIuZ4iGs-JjrZ6zR66rlnpj6CrasvEvA48HaqqCLo6g-QArBlhL-MdqoWsOFPaCBgvOsmRO4hIReY1AYU8Kah4mPuVPTLuSkNxAQmv73EdXhfSKGTqmOZTgNo6m65GughbZ6n8wOX1lAo-fKwZzBvPEDmAGvJ92izgboFO2R33waf2__ayDlrqKkm0iZQi6omKhHZH5wyb-_CLsGlhjYRoCJ8pJOseu0aVQgEEk8AyAmmjTNpDnqNN2qRpPtaxg0sOfdQwi1JiY-U5jAM8XwpuuyChXYCRW6bz4y6Njel94kXQcfS0cKtIGGT8N9A20xSbd2S0o7gHao_pJ-8GAFgAQ&cry=1&bundleId=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 833D 91 KB
23 KB 325ms
115ms Script
application/javascript 2600:9000:20c5:d600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c5:d600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 14:36:21 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 6ae304c394ca48eaeac474c114a24c88.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX3-C3
age: 12450062
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: DpDSgOjwh_dr0aZPuhK_cve1AoaLnu4MdyM_3xiSrcAh0SnVDuuRNA==

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 40ms
39ms Preflight
text/html 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 11 Dec 2023 16:57:23 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame 226A 51 KB
19 KB 2ms
1ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 16:12:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 348314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 16:12:09 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame EB33
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C1hA2cj93ZdvEJJiF7OsPnr27iAvgkLPIdO7p55f5BWQQASCdxax7YInzxYT0E6ABl_2S_wPIAQmpAjnAzZhXYD0-qAMByANKqgTsAU_QrPM0Q8Q17lvNKhr7NnUa4N3Gt5Yuct_BhXFzKrV...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3c5a684a4f422c770000000000000000%22,%222%22:%220x2c622a83c784cc5d0000000000000000%22,%223%22:%220xb91894...

0
0

42ms
42ms

Fetch
text/css

142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3c5a684a4f422c770000000000000000%22,%222%22:%220x2c622a83c784cc5d0000000000000000%22,%223%22:%220xb9189408d179cbaf0000000000000000%22,%224%22:%220x8d4ac244b8ee28660000000000000000%22,%225%22:%220x39743a595cf0fbac0000000000000000%22},%22debug_key%22:%227878435383495636842%22,%22debug_reporting%22:true,%22destination%22:%22https://tokyu-resort.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221071955607%22],%224%22:[%2212-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225821715775066769249%22}&andc=true

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:23 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x3c5a684a4f422c770000000000000000","2":"0x2c622a83c784cc5d0000000000000000","3":"0xb9189408d179cbaf0000000000000000","4":"0x8d4ac244b8ee28660000000000000000","5":"0x39743a595cf0fbac0000000000000000"},"debug_key":"7878435383495636842","debug_reporting":true,"destination":"https://tokyu-resort.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1071955607"],"4":["12-11"],"6":["true"]},"priority":"500","source_event_id":"5821715775066769249"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 11 Dec 2023 16:57:23 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 11 Dec 2023 16:57:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x3c5a684a4f422c770000000000000000","2":"0x2c622a83c784cc5d0000000000000000","3":"0xb9189408d179cbaf0000000000000000","4":"0x8d4ac244b8ee28660000000000000000","5":"0x39743a595cf0fbac0000000000000000"},"debug_key":"7878435383495636842","debug_reporting":true,"destination":"https://tokyu-resort.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1071955607"],"4":["12-11"],"6":["true"]},"priority":"500","source_event_id":"5821715775066769249"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A809 43 B
215 B 621ms
118ms Image
image/gif 2600:1f13:800:7782:bf7b:717d:d1bd:feca
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525516&asId=4fd613b0-2cd0-73e3-39a5-22b67c82693f&tv=%7Bc:wxKSLi,pingTime:-3,time:127,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:28%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:127,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B121~0%5D,as:%5B121~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tY9pp01+11%7C12%7C13%7C14%7C151%7C16%7C171%7C181%7C1911%7C1912%7C1913%7C1a11%7C1a12%7C1b1%7C1b2%7C1c1%7C1d1*.1525516-72173817%7C1d11,idMap:1d1*,rmeas:1,rend:0,renddet:IMG.us,siq:29%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:bf7b:717d:d1bd:feca Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:23 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A809 43 B
215 B 619ms
117ms Image
image/gif 2600:1f13:800:7782:bf7b:717d:d1bd:feca
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525516&asId=4fd613b0-2cd0-73e3-39a5-22b67c82693f&tv=%7Bc:wxKSLj,pingTime:-6,time:128,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:128,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B122~0%5D,as:%5B122~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tY9pp01+11%7C12%7C13%7C14%7C151%7C16%7C171%7C181%7C1911%7C1912%7C1913%7C1a11%7C1a12%7C1b1%7C1b2%7C1c1%7C1d1*.1525516-72173817%7C1d11,idMap:1d1*,rmeas:1,rend:0,renddet:IMG.us,siq:29%7D&tpiLookup=ao:www.guri2o1667.work*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:bf7b:717d:d1bd:feca Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:23 GMT
server: nginx
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A809 43 B
216 B 589ms
117ms Image
image/gif 2600:1f13:800:7782:bf7b:717d:d1bd:feca
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525516&asId=4fd613b0-2cd0-73e3-39a5-22b67c82693f&tv=%7Bc:wxKSLN,pingTime:-2,time:158,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:483,beZ:484,mfA:486,cmA:487,inA:487,inZ:490,prA:491,prZ:506,si:511,poA:512,poZ:530,cmZ:530,mfZ:530,loA:610,loZ:613,ltA:641,ltZ:641%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:28%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:158,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B152~0%5D,as:%5B152~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tY9pp01+11%7C12%7C13%7C14%7C151%7C16%7C171%7C181%7C1911%7C1912%7C1913%7C1a11%7C1a12%7C1b1%7C1b2%7C1c1%7C1d1*.1525516-72173817%7C1d11,idMap:1d1*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:29,sinceFw:129,readyFired:false%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:bf7b:717d:d1bd:feca Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:23 GMT
server: nginx
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9EB4
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELjcPK3FICqJAMdKdtXkBR4&google_cver=1&google_push=AXcoOmRoVEqF8zvENHlYz7HUkgZHhehk9Z_2uFNqIfB9xWqr7C2xTrkVe26yFrlYWCoCdQJ514ca0lCLKgDTNYxgGPPflH4...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRoVEqF8zvENHlYz7HUkgZHhehk9Z_2uFNqIfB9xWqr7C2xTrkVe26yFrlYWCoCdQJ514ca0lCLKgDTNYxgGPPflH43brT0YkAn&google_hm=eS1JeEI1ZHRsRTJwR2...

170 B
188 B

44ms
43ms

Image
image/png

142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRoVEqF8zvENHlYz7HUkgZHhehk9Z_2uFNqIfB9xWqr7C2xTrkVe26yFrlYWCoCdQJ514ca0lCLKgDTNYxgGPPflH43brT0YkAn&google_hm=eS1JeEI1ZHRsRTJwR2VicGdzVHJfNEtJeHlqVGNLQUNGX35B

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 11 Dec 2023 16:57:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRoVEqF8zvENHlYz7HUkgZHhehk9Z_2uFNqIfB9xWqr7C2xTrkVe26yFrlYWCoCdQJ514ca0lCLKgDTNYxgGPPflH43brT0YkAn&google_hm=eS1JeEI1ZHRsRTJwR2VicGdzVHJfNEtJeHlqVGNLQUNGX35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9EB4
Redirect Chain

https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESENGQqc0Lk9kOdVdGFwvBeus&google_cver=1&google_push=AXcoOmRTJQvxQmid9Vr_GYOw-sAS36BIx-K0f1SA8ACMrSKan9aW3jaImDHjwIlshFz8nTlf1PTPAnJ5dhfZDsj...
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTc3MzUzMjQyOTA&google_push=AXcoOmRTJQvxQmid9Vr_GYOw-sAS36BIx-K0f1SA8ACMrSKan9aW3jaImDHjwIlshFz8nTlf1PTPAnJ5dhfZDsj1wEOEc...

170 B
188 B

40ms
40ms

Image
image/png

142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTc3MzUzMjQyOTA&google_push=AXcoOmRTJQvxQmid9Vr_GYOw-sAS36BIx-K0f1SA8ACMrSKan9aW3jaImDHjwIlshFz8nTlf1PTPAnJ5dhfZDsj1wEOEcE5o-lkMJIww

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=MTc3MzUzMjQyOTA&google_push=AXcoOmRTJQvxQmid9Vr_GYOw-sAS36BIx-K0f1SA8ACMrSKan9aW3jaImDHjwIlshFz8nTlf1PTPAnJ5dhfZDsj1wEOEcE5o-lkMJIww
Date: Mon, 11 Dec 2023 16:57:23 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9EB4
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEBLGJAyfRUpPsiMYfnPfNPo&c_param1=AXcoOmRwa7IfmfRcWj3tZpQvUOarXuxJ0EzkmeopMGzk0NiaMfuYOLkwcGx8aIs-HbJH5SYelXy8N_wiwCqppKXxBTuliEgTcbIdc1SS&gdpr=%%GDP...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRwa7IfmfRcWj3tZpQvUOarXuxJ0EzkmeopMGzk0NiaMfuYOLkwcGx8aIs-HbJH5SYelXy8N_wiwCqppKXxBTuliEgTcbIdc1SS

170 B
188 B

43ms
42ms

Image
image/png

142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRwa7IfmfRcWj3tZpQvUOarXuxJ0EzkmeopMGzk0NiaMfuYOLkwcGx8aIs-HbJH5SYelXy8N_wiwCqppKXxBTuliEgTcbIdc1SS

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRwa7IfmfRcWj3tZpQvUOarXuxJ0EzkmeopMGzk0NiaMfuYOLkwcGx8aIs-HbJH5SYelXy8N_wiwCqppKXxBTuliEgTcbIdc1SS
date: Mon, 11 Dec 2023 16:57:23 GMT
server: nginx/1.23.2
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9EB4
Redirect Chain

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESECVGMs-hu_t1STTDuW1O3Uw&google_cver=1&google_push=AXcoOmScIXfdYtARxhOWSp3zpg1nACd6sfSstwCmBO4rOTK0owwV3FPqVp_HGwea1rpaLA5OUOUVwo4dmjCwzYNEP...
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmScIXfdYtARxhOWSp3zpg1nACd6sfSstwCmBO4rOTK0owwV3FPqVp_HGwea1rpaLA5OUOUVwo4dmjCwzYNEPB6FcPaIWYVDduxL&google_hm=AfMSQrmLAkVWsvUH...

170 B
188 B

42ms
41ms

Image
image/png

142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmScIXfdYtARxhOWSp3zpg1nACd6sfSstwCmBO4rOTK0owwV3FPqVp_HGwea1rpaLA5OUOUVwo4dmjCwzYNEPB6FcPaIWYVDduxL&google_hm=AfMSQrmLAkVWsvUH8T1SqYE

Requested by

Protocol

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmScIXfdYtARxhOWSp3zpg1nACd6sfSstwCmBO4rOTK0owwV3FPqVp_HGwea1rpaLA5OUOUVwo4dmjCwzYNEPB6FcPaIWYVDduxL&google_hm=AfMSQrmLAkVWsvUH8T1SqYE
Date: Mon, 11 Dec 2023 16:57:23 GMT
Server: Apache
Connection: keep-alive
Content-Length: 235
Content-Type: text/html; charset=utf-8

GET
H2 400 sspsync
cksync.yahoo.co.jp/ Frame 9EB4 35 B
623 B 55ms
25ms Image
image/gif 182.22.31.124
YAHOO Yahoo Japan...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEP5rIQ4ZOyO6dwItv9NQudM&google_cver=1&google_push=AXcoOmQKex-DtvQhlqnsWnWM3nEQHXLU522_nIL1lnFMk2dJdPNuf4WPIMm-_mLHellF8RLJ_H2sQMoSxw6pnp2ZO7rGe0A9SnUpQIjQ-A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.22.31.124 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),

Reverse DNS

Software

nghttpx /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:23 GMT
x-content-type-options: nosniff
server: nghttpx
age: 0
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: private, no-store, no-cache
cross-origin-resource-policy: cross-origin
content-length: 35
x-xss-protection: 1; mode=block

GET
H2

200

dot.gif
s0.2mdn.net/ Frame 9EB4
Redirect Chain

https://sync.gonet-ads.com/match/google?google_gid=CAESEMNPGn9LUey1Y3JlNAyAWoE&google_cver=1&google_push=AXcoOmSdQs7sXnLlzI2K5yAVQDzUW-6_9-7in5L7a0nxmK-gU6jTApITB-HnX5U8IW-GElbM1rCL1qQR55zrZPed95to...
https://sync.gonet-ads.com/match/google?google_gid=CAESEMNPGn9LUey1Y3JlNAyAWoE&google_cver=1&google_push=AXcoOmSdQs7sXnLlzI2K5yAVQDzUW-6_9-7in5L7a0nxmK-gU6jTApITB-HnX5U8IW-GElbM1rCL1qQR55zrZPed95to...
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NGI0ZmNkNTkxYzQ3MDVmZQ&google_push=AXcoOmSdQs7sXnLlzI2K5yAVQDzUW-6_9-7in5L7a0nxmK-gU6jTApITB-HnX5U8IW-GElbM1rCL1qQR55zrZPed95toZgE...
https://sync.gonet-ads.com/match/google
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NGI0ZmNkNTkxYzQ3MDVmZQ&google_push=
https://s0.2mdn.net/dot.gif?google_error=5

43 B
490 B

110ms
2ms

Image
image/gif

2404:6800:4004:826::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_error=5

Protocol

Server

2404:6800:4004:826::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:33:00 GMT
x-content-type-options: nosniff
age: 77065
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Dec 2023 19:33:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s0.2mdn.net/dot.gif?google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 239
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9EB4
Redirect Chain

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEMuyryOQZSvPIHAck3GXSYQ&google_cver=1&google_push=AXcoOmRY7wAiZX2yRrAqm3d-FHLuKH2Enab63FQOp5XVOvcqaqwJHETCOKWqgbrlej4...
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRY7wAiZX2yRrAqm3d-FHLuKH2Enab63FQOp5XVOvcqaqwJHETCOKWqgbrlej4h_LShu61Hi6fZ2b_iVHFzl8h3wVQ-4u9vfUyLcQ

170 B
188 B

43ms
42ms

Image
image/png

142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRY7wAiZX2yRrAqm3d-FHLuKH2Enab63FQOp5XVOvcqaqwJHETCOKWqgbrlej4h_LShu61Hi6fZ2b_iVHFzl8h3wVQ-4u9vfUyLcQ

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id: d6ef22e7.3e7d137b
date: Mon, 11 Dec 2023 16:57:23 GMT
x-bytefaas-request-id: 20231211165723C990B226D58AE4E661C2
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231211165723C990B226D58AE4E661C2-35FC1E1A5A41F6E3-00
x-cache: TCP_MISS from a184-27-184-4.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
x-parent-response-time: 167,184.27.184.4
server-timing: cdn-cache; desc=MISS, edge; dur=159, origin; dur=8, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231211165723C990B226D58AE4E661C2
x-cache-remote: TCP_MISS from a23-213-246-142.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
access-control-max-age: 86400
access-control-allow-methods: *
location: https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRY7wAiZX2yRrAqm3d-FHLuKH2Enab63FQOp5XVOvcqaqwJHETCOKWqgbrlej4h_LShu61Hi6fZ2b_iVHFzl8h3wVQ-4u9vfUyLcQ
x-bytefaas-execution-duration: 4.40
access-control-allow-origin: *
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 014616c37f0a8312d74cb913577e0c995a99ec630c9ebaa332ce5cd13ecb4de0a5169b35df13b8cefc289b3ea5d3e1bd03195227661e7cd017bfb77e78ed86d9e1a4d4fdc87a03dcfe943093cfc59c0d7dfa0a4815d0cad263c2a4114a9501f186734f60205fe9472b3fba84ea3ac51ec8
x-origin-response-time: 9,23.213.246.142
cache-control: max-age=0, no-cache, no-store
access-control-allow-headers: *
expires: Mon, 11 Dec 2023 16:57:23 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9EB4 0
12 B 38ms
38ms Image
text/html 142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JFDDrfeNlP6AsvRvVenUkgKtedB4au_TzQyd81_a5kyRnyYj1VCT5w0SYhQHA4Kk47Yj9LDI9J

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 9AF1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01290442c5f83c5492ff2b4290dceeda5a23d88697598149dabcf9216b433690

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 66B8
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDo9gKIRqHnEf081LEsKamY&google_cver=1&google_push=AXcoOmQtf696vsDhQDlGDVIWcAmXGSWuHMXniyhcZEGIw5AQIQGcXY4sZNikvh1qdOJRkD-kz1R980lZja68sdB-QuCSvHb5XwZK&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDo9gKIRqHnEf081LEsKamY&google_cver=1&google_push=AXcoOmQtf696vsDhQDlGDVIWcAmXGSWuHMXniyhcZEGIw5AQIQGcXY4sZNikvh1qdOJRkD-kz1R980lZja68sdB-QuCSvHb5XwZ...

43 B
425 B

138ms
127ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDo9gKIRqHnEf081LEsKamY&google_cver=1&google_push=AXcoOmQtf696vsDhQDlGDVIWcAmXGSWuHMXniyhcZEGIw5AQIQGcXY4sZNikvh1qdOJRkD-kz1R980lZja68sdB-QuCSvHb5XwZK&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQtf696vsDhQDlGDVIWcAmXGSWuHMXniyhcZEGIw5AQIQGcXY4sZNikvh1qdOJRkD-kz1R980lZja68sdB-QuCSvHb5XwZK%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:23 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 833f4431dd38dfd1-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:23 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 46
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDo9gKIRqHnEf081LEsKamY&google_cver=1&google_push=AXcoOmQtf696vsDhQDlGDVIWcAmXGSWuHMXniyhcZEGIw5AQIQGcXY4sZNikvh1qdOJRkD-kz1R980lZja68sdB-QuCSvHb5XwZK&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQtf696vsDhQDlGDVIWcAmXGSWuHMXniyhcZEGIw5AQIQGcXY4sZNikvh1qdOJRkD-kz1R980lZja68sdB-QuCSvHb5XwZK%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 833f4430fc99dfd1-NRT
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 66B8
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESENHu6tEr3zL9I4AY0HEKpZs&google_cver=1&google_push=AXcoOmQAhPMBUwlAmRM9mwyEdPDiRyVwrOIBQxDUtlXGS6TGRbsyLBSIhOUlhn5xIoxRN-p6uQ77uhR...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQAhPMBUwlAmRM9mwyEdPDiRyVwrOIBQxDUtlXGS6TGRbsyLBSIhOUlhn5xIoxRN-p6uQ77uhRxFDfxQNazn20vEElaTNsQFA&google_hm=emEo71sKRJKWg0U...

170 B
188 B

44ms
44ms

Image
image/png

142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQAhPMBUwlAmRM9mwyEdPDiRyVwrOIBQxDUtlXGS6TGRbsyLBSIhOUlhn5xIoxRN-p6uQ77uhRxFDfxQNazn20vEElaTNsQFA&google_hm=emEo71sKRJKWg0UFWDSxQZU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=200&adk=2151073771&adf=611815269&pi=t.aa~a.2625894220~rp.4&w=640&fwrn=1&fwrnh=100&lmt=1702313842&rafmt=1&to=qs&pwprc=9467480384&format=640x200&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313842513&bpp=1&bdt=1397&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da4f88c66c297ed60%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw&gpic=UID%3D00000ca9b39c6e30%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA&prev_fmts=0x0%2C1030x280%2C640x200&nras=4&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&psts=AOrYGskDCb6QV10UpK7VheKlsKR4ro2PLlOuO2UzYxS3QwyInpbBnALg_MxPK0Z_Kv9uZYYQohn7Ww5JzNr_JkyXKuXGJoxy&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=11

Protocol

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:23 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQAhPMBUwlAmRM9mwyEdPDiRyVwrOIBQxDUtlXGS6TGRbsyLBSIhOUlhn5xIoxRN-p6uQ77uhRxFDfxQNazn20vEElaTNsQFA&google_hm=emEo71sKRJKWg0UFWDSxQZU
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sync
gdn.socdm.com/rtb/ Frame 66B8
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEG7BXiymSpVKBFnB0-rF6fw&google_cver=1&google_push=AXcoOmTMp1cw29R3ROSQGpdK1iJkGgMJKoxXmPMkoZaqvOfIxetZgyGma48XMrxtfMv7T...
https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WlhjLWM4Q284WGtBQUNEcndDOEFBQUFB
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEG7BXiymSpVKBFnB0-rF6fw&google_cver=1

43 B
951 B

336ms
57ms

Image
image/gif

202.241.208.2
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEG7BXiymSpVKBFnB0-rF6fw&google_cver=1
Requested by: Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/
Protocol: HTTP/1.1
Server: 202.241.208.2 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 16:57:23 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=google&sspid=google&google_gid=CAESEG7BXiymSpVKBFnB0-rF6fw&google_cver=1","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.149","key":"ZXc-c8Co8XkAACDrwC8AAAAA","privacy_sensitive":false,"uid":"ZXc-c8Co8XkAACDrwC8AAAAA","upstream_id":"m-ad273"}
X-SO-Key: ZXc-c8Co8XkAACDrwC8AAAAA
X-SO-Upstream-ID: m-ad273
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: m-ad273.dc4p.scaleout.jp
X-SO-UID: ZXc-c8Co8XkAACDrwC8AAAAA
Connection: keep-alive
Content-Length: 43
X-SO-IP: 146.70.201.149
X-SO-Cluster-ID: 0
Server: nginx
Content-Type: image/gif
Cache-Control: private
X-SO-Ads-Time: 12
X-SO-LB-Hostname: a-ng40010.dc2p.scaleout.jp

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEG7BXiymSpVKBFnB0-rF6fw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 66B8
Redirect Chain

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEKW1rOzxrJOBVvc_9UOpobs&google_cver=1&google_push=AXcoOmTeJhObhCYlh5-oVHadkE-o7-sU2Vw3sgviBgM3Depiiu72WTKUYweuA2pPTDjsbp5jbk39U1W9NniS0Kv9V-OrcRcbS7uBjA
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmTeJhObhCYlh5-oVHadkE-o7-sU2Vw3sgviBgM3Depiiu72WTKUYweuA2pPTDjsbp5jbk39U1W9NniS0Kv9V-OrcRcbS7uBjA&google_hm=NTdtR3ZOMDBaQkRHYTAwN...

170 B
188 B

40ms
40ms

Image
image/png

142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmTeJhObhCYlh5-oVHadkE-o7-sU2Vw3sgviBgM3Depiiu72WTKUYweuA2pPTDjsbp5jbk39U1W9NniS0Kv9V-OrcRcbS7uBjA&google_hm=NTdtR3ZOMDBaQkRHYTAwN0QyNWc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=200&adk=2151073771&adf=611815269&pi=t.aa~a.2625894220~rp.4&w=640&fwrn=1&fwrnh=100&lmt=1702313842&rafmt=1&to=qs&pwprc=9467480384&format=640x200&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313842513&bpp=1&bdt=1397&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da4f88c66c297ed60%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw&gpic=UID%3D00000ca9b39c6e30%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA&prev_fmts=0x0%2C1030x280%2C640x200&nras=4&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&psts=AOrYGskDCb6QV10UpK7VheKlsKR4ro2PLlOuO2UzYxS3QwyInpbBnALg_MxPK0Z_Kv9uZYYQohn7Ww5JzNr_JkyXKuXGJoxy&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=11

Protocol

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-store, no-cache
Date: Mon, 11 Dec 2023 16:57:23 GMT
Server: nginx
P3P: CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location: //cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmTeJhObhCYlh5-oVHadkE-o7-sU2Vw3sgviBgM3Depiiu72WTKUYweuA2pPTDjsbp5jbk39U1W9NniS0Kv9V-OrcRcbS7uBjA&google_hm=NTdtR3ZOMDBaQkRHYTAwN0QyNWc
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
X-SID: 159f32b0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 66B8
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDdLkF0N2WVFuVNEX0Jvw8E&google_cver=1&google_push=AXcoOmQ6uCwHe1spE0fi_t-fbocRCFV7G9YxmwAgV4vT7vJ-8mD6A1s_1tX9uPNO5FmhX17NXKJwrEJUvL6Q2gqiYoTGqOd...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ6uCwHe1spE0fi_t-fbocRCFV7G9YxmwAgV4vT7vJ-8mD6A1s_1tX9uPNO5FmhX17NXKJwrEJUvL6Q2gqiYoTGqOdGk2MG&google_hm=eS1fbkNTc1hkRTJwRTZZUi...

170 B
188 B

38ms
38ms

Image
image/png

142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ6uCwHe1spE0fi_t-fbocRCFV7G9YxmwAgV4vT7vJ-8mD6A1s_1tX9uPNO5FmhX17NXKJwrEJUvL6Q2gqiYoTGqOdGk2MG&google_hm=eS1fbkNTc1hkRTJwRTZZUi5KSEVvNENnYzdYM2RCY29nUH5B

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 11 Dec 2023 16:57:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ6uCwHe1spE0fi_t-fbocRCFV7G9YxmwAgV4vT7vJ-8mD6A1s_1tX9uPNO5FmhX17NXKJwrEJUvL6Q2gqiYoTGqOdGk2MG&google_hm=eS1fbkNTc1hkRTJwRTZZUi5KSEVvNENnYzdYM2RCY29nUH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 66B8
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFsH8y-VvSCHM1jpmQrW5hk&google_cver=1&google_push=AXcoOmQx_xNDXlSc_4uwf8ykQmtXVrnoGOnt2afhQbmRhf6qke-miKgKJo03yYBZkVGi9HrIDnOicApF...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFsH8y-VvSCHM1jpmQrW5hk&google_cver=1&google_push=AXcoOmQx_xNDXlSc_4uwf8ykQmtXVrnoGOnt2afhQbmRhf6qke-miKgKJo03yYBZkVGi9HrIDnO...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkwNTAwMzgyNjE2OTc3NDY0Nw&google_push=AXcoOmQx_xNDXlSc_4uwf8ykQmtXVrnoGOnt2afhQbmRhf6qke-miKgKJo03yYBZkVGi9HrIDnOicA...

170 B
188 B

42ms
42ms

Image
image/png

142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkwNTAwMzgyNjE2OTc3NDY0Nw&google_push=AXcoOmQx_xNDXlSc_4uwf8ykQmtXVrnoGOnt2afhQbmRhf6qke-miKgKJo03yYBZkVGi9HrIDnOicApFtbU8KwMD6fhQdh1EJhdH

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkwNTAwMzgyNjE2OTc3NDY0Nw&google_push=AXcoOmQx_xNDXlSc_4uwf8ykQmtXVrnoGOnt2afhQbmRhf6qke-miKgKJo03yYBZkVGi9HrIDnOicApFtbU8KwMD6fhQdh1EJhdH
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame 66B8
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECck-k1yrS_S...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZWI5OGJmN2EtMmIwZS00NWViLTk0NWEtOTJkZWM3NGYzNDEx&google_push=AXcoOmQVF025b-SSoQrdy9j0706wY_U-MltfnAShirvFPEktmLKdv7-a-7VkzHJKsGjEb...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

7ms
6ms

Image
image/gif

23.37.117.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=200&adk=2151073771&adf=611815269&pi=t.aa~a.2625894220~rp.4&w=640&fwrn=1&fwrnh=100&lmt=1702313842&rafmt=1&to=qs&pwprc=9467480384&format=640x200&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313842513&bpp=1&bdt=1397&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da4f88c66c297ed60%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw&gpic=UID%3D00000ca9b39c6e30%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA&prev_fmts=0x0%2C1030x280%2C640x200&nras=4&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&psts=AOrYGskDCb6QV10UpK7VheKlsKR4ro2PLlOuO2UzYxS3QwyInpbBnALg_MxPK0Z_Kv9uZYYQohn7Ww5JzNr_JkyXKuXGJoxy&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=11
Protocol: H2
Server: 23.37.117.101 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-117-101.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Mon, 11 Dec 2023 16:57:23 GMT
pragma: no-cache
date: Mon, 11 Dec 2023 16:57:23 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 66B8 0
12 B 36ms
36ms Image
text/html 142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lz1wezvfocwuxx9eG1eV93hFJUV-BqwHB6OuJ49B7Y_h07Gc6cE8fsMDdQHJ2XtPkqREJBZA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=200&adk=2151073771&adf=611815269&pi=t.aa~a.2625894220~rp.4&w=640&fwrn=1&fwrnh=100&lmt=1702313842&rafmt=1&to=qs&pwprc=9467480384&format=640x200&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313842513&bpp=1&bdt=1397&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da4f88c66c297ed60%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw&gpic=UID%3D00000ca9b39c6e30%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA&prev_fmts=0x0%2C1030x280%2C640x200&nras=4&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&psts=AOrYGskDCb6QV10UpK7VheKlsKR4ro2PLlOuO2UzYxS3QwyInpbBnALg_MxPK0Z_Kv9uZYYQohn7Ww5JzNr_JkyXKuXGJoxy&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 9EC4 38 KB
13 KB 2ms
2ms Document
text/html 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 421968
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 19:44:35 GMT
expires: Thu, 05 Dec 2024 19:44:35 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 43ms
43ms Preflight
text/html 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 11 Dec 2023 16:57:23 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 font
fonts.gstatic.com/l/ Frame 9AF1 11 KB
11 KB 2ms
2ms Font
text/html 2404:6800:4004:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxpB4RUMZGuR91joLBp9NTWvW0EEgj_ypiXUxOONueTIGOeyInHj6g7XW-P57FnNsw5yqOYOSFAbXCpp_ZcIlMeRB-cW1M1wqH7KuCF1&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E7%B7%9A%E6%9D%B1%E4%BF%9D%E5%BE%92%E3%81%88B%E6%AD%A6%E5%9C%92%E5%B0%8F%E5%B1%B1%E5%88%86%E9%96%8B%E3%81%8F%E6%AD%A9%E3%81%94%E9%A7%85%E6%80%A53%E8%94%B5i%E7%9B%AE%E3%81%84%E8%82%B2%E9%BB%92

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c8140d02777fd6bf75a0fdd2de5a366e07d519ba44f3d6938579033c1515a18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 07:49:47 GMT
x-content-type-options: nosniff
age: 32856
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11504
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Mon, 11 Dec 2023 07:49:47 GMT

GET
H3 200 16937399171067592947
tpc.googlesyndication.com/gpa_images/simgad/ Frame 03CF 121 KB
121 KB 3ms
3ms Image
image/jpeg 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/16937399171067592947

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81682ef9b1fe4dfb2da5fffd5ca414fe556beddb5297ab0b07e41c9fad1e8760

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 16:03:50 GMT
x-content-type-options: nosniff
age: 348813
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 124243
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 20:56:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 06 Dec 2024 16:03:50 GMT

GET
H3 200 12602044831896066356
tpc.googlesyndication.com/gpa_images/simgad/ Frame 03CF 172 KB
172 KB 4ms
3ms Image
image/jpeg 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/12602044831896066356

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe21767f8dee850c40493b584246f94a5066621ce5ed0c482ce8e8a8d35bb168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 06:08:08 GMT
x-content-type-options: nosniff
age: 298155
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176309
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 22:14:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Dec 2024 06:08:08 GMT

GET
H3 200 13982611780426721384
tpc.googlesyndication.com/gpa_images/simgad/ Frame 03CF 2 MB
2 MB 8ms
6ms Image
image/png 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/13982611780426721384

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f80e4a05153c4ebd7bf37a684752745e71cf9ba88568ac53c5c90d428212d45f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 10:58:41 GMT
x-content-type-options: nosniff
age: 107922
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1700448
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 15:48:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 09 Dec 2024 10:58:41 GMT

GET
H3 200 14290954695547804511
tpc.googlesyndication.com/simgad/ Frame 03CF 21 KB
21 KB 6ms
5ms Image
image/jpeg 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14290954695547804511

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edd19becd01c99928f16745822f216d2f458e9a41b073ce1ca13c3a9f24e5eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:44:51 GMT
x-content-type-options: nosniff
age: 349952
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21302
x-xss-protection: 0
last-modified: Thu, 12 Oct 2017 08:58:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 06 Dec 2024 15:44:51 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 9AF1
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CpG4Ycj93ZeqNIqjUs8IP8KelyAifkZPsbqDGrqr3EKuhstHrARABIJ3FrHtgifPFhPQToAH9lf-YKcgBCakCltu4SxhXPT6oAwHIA8sEqgT8AU_Q_ocBaoMQfjm7fy889PmYrZe390L7cY0...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x63f3e84993bd306c0000000000000000%22,%222%22:%220x1d486d7e7c89145e0000000000000000%22,%223%22:%220xa6ad63...

0
0

38ms
37ms

Fetch
text/css

142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x63f3e84993bd306c0000000000000000%22,%222%22:%220x1d486d7e7c89145e0000000000000000%22,%223%22:%220xa6ad635db171d8110000000000000000%22,%224%22:%220x24cafc5d2b9db6d20000000000000000%22,%225%22:%220xc3fddf839696507c0000000000000000%22},%22debug_key%22:%224095886813077987612%22,%22debug_reporting%22:true,%22destination%22:%22https://playdoh.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211058268925%22],%224%22:[%2212-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223701501522826895697%22}&andc=true

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:23 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x63f3e84993bd306c0000000000000000","2":"0x1d486d7e7c89145e0000000000000000","3":"0xa6ad635db171d8110000000000000000","4":"0x24cafc5d2b9db6d20000000000000000","5":"0xc3fddf839696507c0000000000000000"},"debug_key":"4095886813077987612","debug_reporting":true,"destination":"https://playdoh.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11058268925"],"4":["12-11"],"6":["true"]},"priority":"500","source_event_id":"3701501522826895697"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 11 Dec 2023 16:57:23 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 11 Dec 2023 16:57:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x63f3e84993bd306c0000000000000000","2":"0x1d486d7e7c89145e0000000000000000","3":"0xa6ad635db171d8110000000000000000","4":"0x24cafc5d2b9db6d20000000000000000","5":"0xc3fddf839696507c0000000000000000"},"debug_key":"4095886813077987612","debug_reporting":true,"destination":"https://playdoh.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11058268925"],"4":["12-11"],"6":["true"]},"priority":"500","source_event_id":"3701501522826895697"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame 03CF 51 KB
19 KB 2ms
2ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 16:12:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 348314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 16:12:09 GMT

GET
DATA 200
OK truncated
/ Frame CBAE 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e91f18aef3d70918333a3c43b2e9033637de0e63ed37bcfab636320bbcffb06a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 font
fonts.gstatic.com/l/ Frame CBAE 34 KB
34 KB 3ms
2ms Font
font/woff2 2404:6800:4004:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxrN03ck5od7e6ODTxoRVjbcOUR04DiFxC-uodbz3eetfPfDRk6Pji-FP8iIi0-L1Aogz9FLL2JROhEkm4Nx_ePAbtRAvPMYwHCs0DQEw6kex2ytg59pnuRk-vQJY08zMKkfpKou5smRPwdAnBAgbnUHg4dinPArMo2qoYoNeNz4Wr5wkvcPthgJGClGJEz_qRkgn6Mgj_aJ9xzn5_KJDAe_AgUtVQ396G5Nb53pHgjaauuHEAzbwheskOJsvjxeBTVMoRX_UtFo03o&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E3%83%AC%E3%82%8B%E3%83%88%E3%81%90%E3%80%81o%E3%81%86%20%E3%83%B3z%E3%81%A6a%E3%80%82%E3%81%AE%E3%83%AB%E3%81%8A%E3%82%8A%E4%BB%8A%E3%81%A3n%E3%81%A0%E3%82%BC%E3%83%95%E3%83%83%E5%93%81%E3%83%A7%E6%9C%AB%E7%9B%9B%E8%A6%8B%E3%83%87%E3%81%95%E3%81%A7%E3%82%82%E3%81%99%E8%B2%B7m%E3%81%BE%E3%81%A8%E3%81%8F%E3%82%BB%E3%83%BC%E3%83%AA%E3%81%8B%E3%82%89%E3%81%84%E3%82%B7%E3%83%9B%E3%82%93%E3%82%81A%E3%81%88%E3%82%A1%E5%B9%B4%E6%8F%83%E3%81%8C%E5%BE%97%E3%83%97%E3%82%88

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d1170d51f2f77b7c11374437839bd809a008b990ab2ea4a8858d980c2e3b132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:00:44 GMT
x-content-type-options: nosniff
age: 6999
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34324
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 12 Dec 2023 15:00:44 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CBAE 15 KB
15 KB 3ms
3ms Font
font/woff2 2404:6800:4004:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:17:42 GMT
x-content-type-options: nosniff
age: 337181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 19:17:42 GMT

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame A7F6 51 KB
19 KB 2ms
1ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=200&adk=2151073771&adf=611815269&pi=t.aa~a.2625894220~rp.4&w=640&fwrn=1&fwrnh=100&lmt=1702313842&rafmt=1&to=qs&pwprc=9467480384&format=640x200&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313842513&bpp=1&bdt=1397&idt=-M&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da4f88c66c297ed60%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw&gpic=UID%3D00000ca9b39c6e30%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA&prev_fmts=0x0%2C1030x280%2C640x200&nras=4&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=285&ady=3324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&psts=AOrYGskDCb6QV10UpK7VheKlsKR4ro2PLlOuO2UzYxS3QwyInpbBnALg_MxPK0Z_Kv9uZYYQohn7Ww5JzNr_JkyXKuXGJoxy&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 16:12:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 348314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 16:12:09 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 03CF 7 KB
682 B 39ms
39ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700&subset=cyrillic-ext,greek-ext,vietnamese,latin-ext

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/webfont.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b6619405f0e688e0427b0c83584e65d364e4490f4e96e3fd4ef10cf5d51f9849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 16:57:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 16:50:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 16:57:23 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame CBAE
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cl7pVcj93ZffxIcTJs8IPzOiywAvszMPUdK3tnYKcEomQx8a0EBABIJ3FrHtgifPFhPQToAG-9_T9AsgBCakCltu4SxhXPT6oAwHIA8sEqgToAU_QNHamdFVxCOOrVvGyWJhDWwBCaCGGF_G...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2499ac6dcb32859a0000000000000000%22,%222%22:%220x54918845ec2777c50000000000000000%22,%223%22:%220x4ff2b6...

0
0

39ms
39ms

Fetch
text/css

142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2499ac6dcb32859a0000000000000000%22,%222%22:%220x54918845ec2777c50000000000000000%22,%223%22:%220x4ff2b6df6245ae6b0000000000000000%22,%224%22:%220x22a143e5ad9ca5580000000000000000%22,%225%22:%220x71a08538988ca0990000000000000000%22},%22debug_key%22:%22318458811305628865%22,%22debug_reporting%22:true,%22destination%22:%22https://amazon.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22800930750%22],%224%22:[%2212-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22913775139292922369%22}&andc=true

Requested by

Host: www.guri2o1667.work
URL: https://www.guri2o1667.work/

Protocol

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:23 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x2499ac6dcb32859a0000000000000000","2":"0x54918845ec2777c50000000000000000","3":"0x4ff2b6df6245ae6b0000000000000000","4":"0x22a143e5ad9ca5580000000000000000","5":"0x71a08538988ca0990000000000000000"},"debug_key":"318458811305628865","debug_reporting":true,"destination":"https://amazon.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["800930750"],"4":["12-11"],"6":["true"]},"priority":"500","source_event_id":"913775139292922369"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 11 Dec 2023 16:57:23 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 11 Dec 2023 16:57:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x2499ac6dcb32859a0000000000000000","2":"0x54918845ec2777c50000000000000000","3":"0x4ff2b6df6245ae6b0000000000000000","4":"0x22a143e5ad9ca5580000000000000000","5":"0x71a08538988ca0990000000000000000"},"debug_key":"318458811305628865","debug_reporting":true,"destination":"https://amazon.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["800930750"],"4":["12-11"],"6":["true"]},"priority":"500","source_event_id":"913775139292922369"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 9EC4 39 KB
15 KB 2ms
2ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 493192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 23:57:31 GMT

GET
H3 200 14290954695547804511
tpc.googlesyndication.com/simgad/ Frame 03CF 21 KB
21 KB 2ms
1ms Image
image/jpeg 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14290954695547804511

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/dynamic_utils/6/utils_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edd19becd01c99928f16745822f216d2f458e9a41b073ce1ca13c3a9f24e5eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:44:51 GMT
x-content-type-options: nosniff
age: 349952
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21302
x-xss-protection: 0
last-modified: Thu, 12 Oct 2017 08:58:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 06 Dec 2024 15:44:51 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 39ms
39ms Preflight
text/html 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 11 Dec 2023 16:57:23 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0F23 51 KB
19 KB 2ms
2ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 16:12:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 348314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 16:12:09 GMT

GET
H3 200 16937399171067592947
tpc.googlesyndication.com/gpa_images/simgad/ Frame 03CF 121 KB
121 KB 3ms
3ms Image
image/jpeg 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/16937399171067592947

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/dynamic_utils/6/utils_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81682ef9b1fe4dfb2da5fffd5ca414fe556beddb5297ab0b07e41c9fad1e8760

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 16:03:50 GMT
x-content-type-options: nosniff
age: 348813
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 124243
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 20:56:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 06 Dec 2024 16:03:50 GMT

GET
H3 200 12602044831896066356
tpc.googlesyndication.com/gpa_images/simgad/ Frame 03CF 172 KB
172 KB 4ms
4ms Image
image/jpeg 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/12602044831896066356

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/dynamic_utils/6/utils_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe21767f8dee850c40493b584246f94a5066621ce5ed0c482ce8e8a8d35bb168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 06:08:08 GMT
x-content-type-options: nosniff
age: 298155
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176309
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 22:14:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Dec 2024 06:08:08 GMT

GET
H3 200 13982611780426721384
tpc.googlesyndication.com/gpa_images/simgad/ Frame 03CF 2 MB
2 MB 5ms
4ms Image
image/png 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/13982611780426721384

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/dynamic_utils/6/utils_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f80e4a05153c4ebd7bf37a684752745e71cf9ba88568ac53c5c90d428212d45f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 10:58:41 GMT
x-content-type-options: nosniff
age: 107922
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1700448
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 15:48:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 09 Dec 2024 10:58:41 GMT

GET
H3 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame 03CF 50 KB
50 KB 3ms
2ms Font
font/woff2 2404:6800:4004:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700&subset=cyrillic-ext,greek-ext,vietnamese,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:16:36 GMT
x-content-type-options: nosniff
age: 502847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51404
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 21:16:36 GMT

GET
H3 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame 03CF 50 KB
50 KB 3ms
3ms Font
font/woff2 2404:6800:4004:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700&subset=cyrillic-ext,greek-ext,vietnamese,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:16:36 GMT
x-content-type-options: nosniff
age: 502847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51404
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 21:16:36 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 39ms
39ms Preflight
text/html 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 11 Dec 2023 16:57:23 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6B3E 42 B
64 B 42ms
41ms Fetch
image/gif 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvrFnUBpBzVVgzE-11x0KZBPF8YLqEGBEDhsQdR3JAPHOmnqP-B9sFEOYaV1mMbGdrjZyyW9HTRKPgoupbeblu1Kr1Fhs-wjlVYRfcO0Me2MZjqwObPjdrKL81_Rm7y72aah60Uc3j5lzfI2cYXoppXt6Rv&sai=AMfl-YQ5JmLkqDMbV_9uVY7oEV1ls2Qq47TQ0BtMQDxuouCfrduuCGm_JtxYJd9UkHQYRODiWGtZR9M93pClyafWaEtiUxFJ-TFMBnp2uLj1uhrTifevvFwQhkjS_fadU_nm4AEVtq3M5J6CF1IT9KbQXA&sig=Cg0ArKJSzD570cX9xLzHEAE&cid=CAQSTwAvHhf_v7-8DMWRj1oCUsFkd02V5mnJlckSAj8l0CMCrPIEYW9p7pmOs7ah70Ev1SWXAxL35sdxvv0FdyG92CN5xY9uoyWjNQswGgvKht0YAQ&id=lidar2&mcvt=1029&p=0,0,280,1030&mtos=1029,1029,1029,1029,1029&tos=1029,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=33187953&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702313841627&rpt=933&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4249 Show response
ads.everesttech.net/ads/mts/24651/ Frame A809 7 KB
7 KB 554ms
116ms Script
text/javascript 35.160.173.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/mts/24651/4249?DFA_Click_Tracker=^(t_cq_ue_https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjss_SMihYEXBGAGfnH2w3lv-jbrponlUO1-knXnZ7GD3bH3cpyPBY_KR8fhqvtJrW962zyF_J_gmGPlXx2Ge7j8kkO5_AxulhuwsYycu38sgtd2mOmyrMrISL_-Q5Qg_mJ4anijWhlQg7c4yRljmj18ymVXzbhp5ZdqcIA3IcAQFH5lKMSAAuml4_HXPSqEaB19qMYTJs333GJVC5dqqtDHz9JZgcnx-zMd8o-rLRsgHJRCScfWybSoaoXczIHE3CBjHRlDdGdKXS3Ez5-DjG8Dq08RbRQhl_-5Xngdz-0r_bfcvTgCxMhGHG9B1fMf7iFg04S-91HERjcI-AQ_FYoOnmRD9wGICAQIPt2RjmdZm_9uLs7JmXJ08cooUBubo_BRIqcz1jVo0KXImex6XB414AQAX38SeRCb0oL0V7XxP_xIrxpLuB96nMVIfoTQh_709J0YywtWW63GnWy2vW71U8NLPknKglrs2zSGxANE50HfuD4s6mpMIsPQ5xg_i0U4idN4u7VnhQ3Sa-sfDVQNQVl-rkHt1Q6k4iVFQyexHaXxcCzZrDLXwviGshSKunt2J_uv-LrcnPp_iVe8gUhfIHAcBfgMpet3zAEeTrrFHk_w41U6eCc6pkrcBYMe2_y1rsDh6mIDz5groFVVqM_zX9B_6vXMgiWnIy_Ghak6MY2G1YKOd9eD_AkDBIzGTBMhHYjb0a2jjVUOiTzITdz9pKHd5deu4-DHfbcw8hVXrMwauNSwY5Wl_zip-mCV07b89sCkFrTj4pS1zSDSeDdS0yILEJfdwA3vBb1Rmhti77WitQMhf14eM4eVgLgINI1WG6Y7mkrr4WNlxzRcIDRkbPlYDET_Zsn9MOVnL5o8jq7zfKyAHa7t5twCzROktGnQzA3oVVDBv03Za1eMAhaoxAXDvOz80xpfPYXKEnMEJKuqw49teZrGjQL2LjLmfajBSNaTKZCKU__ohUxXRwBPY65YTEjUaaiGczkN24gMrEEWBhfZCOqrp1-nQNln4BMZEUqS9B2mRJBQCkcD-ce5ynhCwTZpgoA4DonArLcQ2PDdlg5UUJl-Rr6VXHVwoQ-LpzcCePPgRqg1kjbpM9Dtb6_mUH3SMJDjHlDzCEMkTK6u6tlxenY-1iOpGUEBKcEBV3J8-0l-E0stwKiPv2h7sDaHJF9dfE5vU02LzDItFqxNlyeBXGlv54e-rfHlM1mv1Rt9A8cI3HupUd8qWOXyK-9tIpWCe4FRO7NTBEdtOOpPyXYexRBxEy4I5YwMovCRsdQfGP5ZNIs3wQE4ss2BD_4MRl3dwBvzpTtCLeKDoGEpVPzqJ2YMq6PFgWagkxjCga4BzZjUUuQB6J6V8HdQPhKk4xeb6JoCZ8g&sai=AMfl-YTyl2_Csk1dpy7HZzeK-uEUO-ODS6owt-DT7nbj5mjX31yTTcknWDWnsurZ3KkQcjxy9VRJNIXKL7a37Ul_x2fDYxpBXlsCOpLIUXpTmU9GHpCjnQRxFJnKGaLvrZ2MX6a-C4W21E9SfmH5x4RxFsU3H8tN81-antTBAinzAdPSYtY_s04wurHiXX9TrAKd45aV5YSU5dAPk1OnTJV-bB9k4lpqhfX42Hn8WEYYTrtNpFacdqTXXifVnNOUkQ_WZdKtboE9RagFW6EhuP1tI_ldLFl2Z3A_obuKbM3Cjj6q5GDuGSPSJLs&sig=Cg0ArKJSzD11iYAcdAxCEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=_ue_cq)&DFA_BuyId=30056896&DFA_PlacementId=369242594&DFA_AdId=560368621&DFA_CreativeId=163367472&DFA_SiteId=6958819&TC_1=cmmiil1qng4&TC_2=30056896&TC_3=369242594&TC_4=163367472&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30056896$dcmadid|560368621$dcmrenderingid|162888157$dcmsiteid|6958819$dcmplacementid|369242594$customer|Microsoft$dv360auctionid|ct=JP&st=&city=8683&dma=0&zp=&bw=4&DCM_PlacementID=369242594
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1525516/72173817/xbbe/creative/adj?p=APEucNWccohOKjOnEzYz-D57YpQ--Wvq81XkvBlV6GAKit_bMbFYiE0&d=CokBAKAmf-BUBL2Ur7vBucBKR7YjZHQF6sPmI8D1wQbULOWNSpktvG1P4i6WB0-6uVx1d_MQo7aFs2ZCFKXvBrARL7sIcVfsJKqxm5iV0coiVJJOIykfHhzgLdVdVF9LXDF0ZOBV8sFUj_CfzN2AxRbhzF7ECd_Q8UR_jTo5G_aZgXg9iYEbHbTn3EISiRUAoCZ_4OFeIVgyA2HZlMybtIX8mrSLlq4fdq-I0nTB-uShGhwCU6qWovruQFy4HbCVvwFcTTR0cYB7ltqMqo8LaVjWEhw_UZmMC8g18c0Vgp3o1jvHEo2H5YtBs4XFGJW1m0yyxAiwi3xwV9MoKvN9A-RpXWfAEEoTBN-eM_6t-CY4z1QKT2UcyHYk178Y9iyNepHwvVPGKDG4pCzehKdC0pkE0NF89A9Qcf2-xoUSG87HSZKhoFAO4csUjFVv6XogOGXJKV7J9U9_KlecRrGGdnxpbI_rlxgQm80j3RkJ0LkbpRXW8nzI8V94hFuPrRt6eDIGQnldlFZDk2dPYUO8aTFYesAjRH4ciybVdZyUsKUn366UQlFC-N4_R_DtlN-0th6VStCwW5Bf_hNkecOdSG5jm5fHTnyXNAhTyBPJhijPfIE8h_C-_la6glif3yB70BroZXuPMuxELCfHn6a_gkovc29Q4pAOM0aSSqKenNdOh5sBFVzA_IbeEXKyQ2qZIy9k0SkGwlQBP9XZaepk-Ci7y136Va_BTh3aXWXuYQWswn_vfW-UYFALR_gqg9OeCxh65VQNvMEbhC9cz4M0cisxHEN-UDeQ7n5FE8SUt-DQRmvIMdFGCAH0rkWdYDEAMV625MpU12XR8q1zPxv3mdp-yhrIWmGXe07Je4mIlXfp3Odn7MPFnOLwW-o_BTiPoYgRo8pd85eIp4B1D8asgLGf_x6Iy4rkhY76rWU6gWy4XwV5SXJwU_kHBUsdUqttRe33vP-girvO7ZpQH0y2zriMhS42Jf_BgqzLWVeuvuSI-kp7sQpfQG6ACuFN-Qr1nxVXl1gqzn5tBODykUvUo04P5R0GtGd4ttUx33k-4wxG-eoq1PVMFBTf7qRirZlhOoIgFlw7TUe0w_PNZwg6xWQRwQkPsugM20z3AM7pfOjfoXeWFB6uaP7bCX8xySg-_vgcgqlTzccRlWHEnZ35S2FVrcoww09E2OAH_k_fDRpRCrxDfy0nHf332O_6rexumy9WWf5rrw9l8IuGaag6qCeaupJhPZYPGm2H-FtkyEhuGTNOs03W2Nc0VKkJawXwONe1P7YZb-6gmc6XcmDHsgywGVXIrRg7SYLFk4xHCQBw32A8UxWUSODKC0IQ6vzgmjq1zxcSAY7RYvm2CLUPRsmBG7O4J8sBh2WGwExLfdPEvNI9p13QWMFvUlJKHGt7i_PdqJ8hlCMq91kGqfSkC2pYPx58b2-ZlwNnGDhs8DDZqvpOAGjI-JsQs8tNx895FyXlbgmr9XYjcIZJmCBIe6Rx_mPylxGIpSGr8pvapI7yW9aCdNxKTLBqK2OGMg1iEFCTxFiIHfHHiH2ytVHsiJOtVGP61--xo53evxY-6_JJFSET4356ONvtVPDRA5jxu0kNZYatZQSIufXGzKAXr5umZxofSPmgLZb92NNSgMUnvYkDslVAbrTfIJG-suSqVvkN-mGMrBHTcg1ZC4rhELCyPC9yRMIlbgkv5T-ud1DAf5QAQ3UddG-hefnRMwaVehwtGXRHdTrKIVbpgLqsMJOMpRFq6LImhYOXqAC8deXmmJUzSoJa2xtvYXcpPprzxM07Hrzd2tU0YhrmINno_WT154WpBKxW8hlNnX3xaQqJDh2QXObAfU4TaqovbaFGIyAgun7wjm7TsQG6IvsiwqwkRKr690idv9cwjVDM6koqMG23T6aYydUGto1l1SjRTxOPaqbvHvnyxOeVhNs2QR2uw1CaTLctQV79gM4EcUs1vHeHJwFJDWk5LHFYJiPfwPXSKt2-roGB8fiQW3qUFSDuv4I8VvAXB9lPy-Km6-aEIG0FUfKPMwAycghlGsDEkbpUfYWaDMRHiY6-p96bsyke0wekXtPGPZ7AgyFJG4MZ2PYjgyiIrgM6LzEMaMz2HNcgabOvHBZrbk8v-Hv_nOfkY3iie7xvW-1AjYQUVb12yoFESGp2ZOGUyftiIpqC1bu3UrRZA4jiF-3kZ64uiy7nW_xot6pZ9ZpHF56OPJRk7FKraXzRg6J5uAgFCWWL0Q2Cdtor3sB2Vcmw3SGkcMxnCbPeso3udgAbdot25TgYhTn1QyxtOrhDG_anoeEHAc6HtepRewLtMBzWVM8FG0lH8STkq25kVnZ1nzT1qXR0VRNCkqbdmO-vSj36B-c9gKdby42IjtC7VbGkMzMt1aExIGDjc8DZXqx5FWVPj_0VOj4zZeWK2AchM8LxpI_es627ArnKhPm6c4Lh90-FjXV8jwzrJfdfM42FGu7AP_5fQEdqnVSpXPBRlDZAju9uGnAocdrCHa3vJWrbNj1RD5dFHxXLGll4S6_j-2cnt8iQaCSnfiYpE4gnPyJX6kb0A7Cp0lHCAIGLR6h6LHLaedgcCTN3wacC0pWy-KTM5loFuhvc6eFWDUKgxrNNMPYIrlw4ji-nZrouCGKBUgeJO_R_NzbRQEp9cuSmxX1mnCegxLNcFRFTszGl7sg20MogSDwSkmHcc1Ru0Rcdr-jfBQZfZ4MaFoPSoMAssXKGO-P6edZye19P-RR4XGORCRNXc18zlvg6nWpfDFwZ5R4aGBCp5Z_urMLB6RzbEJ1vAAo7sq3DP6K827Mn3le3A_n7tgDkJ87t3iMK6iXDA4092t6B2GWPRXAgYUm-saO6m96ezmVws8lx5HfBOtl9eXWTXcTaAovOwNwmr13IAlNacB1gsZ5Jdo_unPeLytICH9vrFTrAbjIxG481OovZF2VW4Qqz8n4lssdf_B_plSZ0jqx8_pxiDOmMwkjM7plcajb2MFJogDwome0JR2eZNDwjWbFnEMkMyKBLLYEYLfX1Lfe8hv0WNEf_oe_3dFH8bLBKE9x2LVQfbPnkZs6N6ug9I2aqysVaOkRrurrTtGTjUPOrAmHwcgTXOnfWF-tXXSBvifc55re4TKbZRRRlKKxQBzSgPshrYijBdK2ND8zcKeCizktdfQSo7N4nzfaUbzmTfaKqsLf8ahDFE_jO_GyYjot7h0AH7TclQH5JIlCcZcEzex-ElQbtpr4N8o-ZUH_zX-R63DT11mHcpLLlUoMu6ewTT81Z5FZWUAaf5VdkMKUPrq9SSAbKpj46hfEJLOvv10wSQypPHLh5B8mfauXTI-cwhk9c_Dr6Tn5u4gBCWpfhjgfj-OI3C9-u2qYy408-lMZMAoCZnq3n2WLu91D_NuBj0d48LvP2g9LbS4l-KhDy7dsnT2on_wE_K-sYZ_scH8Fv3ZkR4XtnQVZcyNIjkJIzcRda-4Na5C8IyX8MRSqD6XPinOi5Sdb6kNoRd6pDc_oLRQkK7bL_lj2Zw8Wg-zfQn-AhQ3o1Ssg8sMkzZ2Hz64HnKkeIF1-l3f4tUx4aIuZ4iGs-JjrZ6zR66rlnpj6CrasvEvA48HaqqCLo6g-QArBlhL-MdqoWsOFPaCBgvOsmRO4hIReY1AYU8Kah4mPuVPTLuSkNxAQmv73EdXhfSKGTqmOZTgNo6m65GughbZ6n8wOX1lAo-fKwZzBvPEDmAGvJ92izgboFO2R33waf2__ayDlrqKkm0iZQi6omKhHZH5wyb-_CLsGlhjYRoCJ8pJOseu0aVQgEEk8AyAmmjTNpDnqNN2qRpPtaxg0sOfdQwi1JiY-U5jAM8XwpuuyChXYCRW6bz4y6Njel94kXQcfS0cKtIGGT8N9A20xSbd2S0o7gHao_pJ-8GAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013075760&ias_pubId=&ias_chanId=1&ias_placementId=20268485269&bidurl=https://www.guri2o1667.work/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h5dWBlnwT12IB7WKjA8xbU&adsafe_url=https%3A%2F%2Fwww.guri2o1667.work&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.guri2o1667.work%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231206%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231206%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-2307171157063658%26fa%3D1%26ifi%3D11%26uci%3Da!b%26btvi%3D6&adsafe_type=be&adsafe_jsinfo=,id:4fd613b0-2cd0-73e3-39a5-22b67c82693f,c:wxKSJH,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-74989cd8c9-crbhl,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tY9pp01+11%7C12%7C13%7C14%7C151%7C16%7C171%7C181%7C1911%7C1912%7C1913%7C1a11%7C1a12%7C1b1%7C1b2%7C1c1%7C1d1*.1525516-72173817%7C1d11,idMap:1d1*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:28,oid:5a9ac91c-9846-11ee-8745-2a0f74109bef,v:19.8.464,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.160.173.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-173-212.us-west-2.compute.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: eaca7c9347ddb083500e03e054821cfcb688efd2e2ade95baa65c42f49766ab8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:24 GMT
server: AMO-jAds/1.1
p3p: NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT
content-type: text/javascript;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 6761
expires: Mon Dec 11 16:57:24 UTC 2023

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame A809 31 KB
12 KB 3ms
3ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1525516/72173817/xbbe/creative/adj?p=APEucNWccohOKjOnEzYz-D57YpQ--Wvq81XkvBlV6GAKit_bMbFYiE0&d=CokBAKAmf-BUBL2Ur7vBucBKR7YjZHQF6sPmI8D1wQbULOWNSpktvG1P4i6WB0-6uVx1d_MQo7aFs2ZCFKXvBrARL7sIcVfsJKqxm5iV0coiVJJOIykfHhzgLdVdVF9LXDF0ZOBV8sFUj_CfzN2AxRbhzF7ECd_Q8UR_jTo5G_aZgXg9iYEbHbTn3EISiRUAoCZ_4OFeIVgyA2HZlMybtIX8mrSLlq4fdq-I0nTB-uShGhwCU6qWovruQFy4HbCVvwFcTTR0cYB7ltqMqo8LaVjWEhw_UZmMC8g18c0Vgp3o1jvHEo2H5YtBs4XFGJW1m0yyxAiwi3xwV9MoKvN9A-RpXWfAEEoTBN-eM_6t-CY4z1QKT2UcyHYk178Y9iyNepHwvVPGKDG4pCzehKdC0pkE0NF89A9Qcf2-xoUSG87HSZKhoFAO4csUjFVv6XogOGXJKV7J9U9_KlecRrGGdnxpbI_rlxgQm80j3RkJ0LkbpRXW8nzI8V94hFuPrRt6eDIGQnldlFZDk2dPYUO8aTFYesAjRH4ciybVdZyUsKUn366UQlFC-N4_R_DtlN-0th6VStCwW5Bf_hNkecOdSG5jm5fHTnyXNAhTyBPJhijPfIE8h_C-_la6glif3yB70BroZXuPMuxELCfHn6a_gkovc29Q4pAOM0aSSqKenNdOh5sBFVzA_IbeEXKyQ2qZIy9k0SkGwlQBP9XZaepk-Ci7y136Va_BTh3aXWXuYQWswn_vfW-UYFALR_gqg9OeCxh65VQNvMEbhC9cz4M0cisxHEN-UDeQ7n5FE8SUt-DQRmvIMdFGCAH0rkWdYDEAMV625MpU12XR8q1zPxv3mdp-yhrIWmGXe07Je4mIlXfp3Odn7MPFnOLwW-o_BTiPoYgRo8pd85eIp4B1D8asgLGf_x6Iy4rkhY76rWU6gWy4XwV5SXJwU_kHBUsdUqttRe33vP-girvO7ZpQH0y2zriMhS42Jf_BgqzLWVeuvuSI-kp7sQpfQG6ACuFN-Qr1nxVXl1gqzn5tBODykUvUo04P5R0GtGd4ttUx33k-4wxG-eoq1PVMFBTf7qRirZlhOoIgFlw7TUe0w_PNZwg6xWQRwQkPsugM20z3AM7pfOjfoXeWFB6uaP7bCX8xySg-_vgcgqlTzccRlWHEnZ35S2FVrcoww09E2OAH_k_fDRpRCrxDfy0nHf332O_6rexumy9WWf5rrw9l8IuGaag6qCeaupJhPZYPGm2H-FtkyEhuGTNOs03W2Nc0VKkJawXwONe1P7YZb-6gmc6XcmDHsgywGVXIrRg7SYLFk4xHCQBw32A8UxWUSODKC0IQ6vzgmjq1zxcSAY7RYvm2CLUPRsmBG7O4J8sBh2WGwExLfdPEvNI9p13QWMFvUlJKHGt7i_PdqJ8hlCMq91kGqfSkC2pYPx58b2-ZlwNnGDhs8DDZqvpOAGjI-JsQs8tNx895FyXlbgmr9XYjcIZJmCBIe6Rx_mPylxGIpSGr8pvapI7yW9aCdNxKTLBqK2OGMg1iEFCTxFiIHfHHiH2ytVHsiJOtVGP61--xo53evxY-6_JJFSET4356ONvtVPDRA5jxu0kNZYatZQSIufXGzKAXr5umZxofSPmgLZb92NNSgMUnvYkDslVAbrTfIJG-suSqVvkN-mGMrBHTcg1ZC4rhELCyPC9yRMIlbgkv5T-ud1DAf5QAQ3UddG-hefnRMwaVehwtGXRHdTrKIVbpgLqsMJOMpRFq6LImhYOXqAC8deXmmJUzSoJa2xtvYXcpPprzxM07Hrzd2tU0YhrmINno_WT154WpBKxW8hlNnX3xaQqJDh2QXObAfU4TaqovbaFGIyAgun7wjm7TsQG6IvsiwqwkRKr690idv9cwjVDM6koqMG23T6aYydUGto1l1SjRTxOPaqbvHvnyxOeVhNs2QR2uw1CaTLctQV79gM4EcUs1vHeHJwFJDWk5LHFYJiPfwPXSKt2-roGB8fiQW3qUFSDuv4I8VvAXB9lPy-Km6-aEIG0FUfKPMwAycghlGsDEkbpUfYWaDMRHiY6-p96bsyke0wekXtPGPZ7AgyFJG4MZ2PYjgyiIrgM6LzEMaMz2HNcgabOvHBZrbk8v-Hv_nOfkY3iie7xvW-1AjYQUVb12yoFESGp2ZOGUyftiIpqC1bu3UrRZA4jiF-3kZ64uiy7nW_xot6pZ9ZpHF56OPJRk7FKraXzRg6J5uAgFCWWL0Q2Cdtor3sB2Vcmw3SGkcMxnCbPeso3udgAbdot25TgYhTn1QyxtOrhDG_anoeEHAc6HtepRewLtMBzWVM8FG0lH8STkq25kVnZ1nzT1qXR0VRNCkqbdmO-vSj36B-c9gKdby42IjtC7VbGkMzMt1aExIGDjc8DZXqx5FWVPj_0VOj4zZeWK2AchM8LxpI_es627ArnKhPm6c4Lh90-FjXV8jwzrJfdfM42FGu7AP_5fQEdqnVSpXPBRlDZAju9uGnAocdrCHa3vJWrbNj1RD5dFHxXLGll4S6_j-2cnt8iQaCSnfiYpE4gnPyJX6kb0A7Cp0lHCAIGLR6h6LHLaedgcCTN3wacC0pWy-KTM5loFuhvc6eFWDUKgxrNNMPYIrlw4ji-nZrouCGKBUgeJO_R_NzbRQEp9cuSmxX1mnCegxLNcFRFTszGl7sg20MogSDwSkmHcc1Ru0Rcdr-jfBQZfZ4MaFoPSoMAssXKGO-P6edZye19P-RR4XGORCRNXc18zlvg6nWpfDFwZ5R4aGBCp5Z_urMLB6RzbEJ1vAAo7sq3DP6K827Mn3le3A_n7tgDkJ87t3iMK6iXDA4092t6B2GWPRXAgYUm-saO6m96ezmVws8lx5HfBOtl9eXWTXcTaAovOwNwmr13IAlNacB1gsZ5Jdo_unPeLytICH9vrFTrAbjIxG481OovZF2VW4Qqz8n4lssdf_B_plSZ0jqx8_pxiDOmMwkjM7plcajb2MFJogDwome0JR2eZNDwjWbFnEMkMyKBLLYEYLfX1Lfe8hv0WNEf_oe_3dFH8bLBKE9x2LVQfbPnkZs6N6ug9I2aqysVaOkRrurrTtGTjUPOrAmHwcgTXOnfWF-tXXSBvifc55re4TKbZRRRlKKxQBzSgPshrYijBdK2ND8zcKeCizktdfQSo7N4nzfaUbzmTfaKqsLf8ahDFE_jO_GyYjot7h0AH7TclQH5JIlCcZcEzex-ElQbtpr4N8o-ZUH_zX-R63DT11mHcpLLlUoMu6ewTT81Z5FZWUAaf5VdkMKUPrq9SSAbKpj46hfEJLOvv10wSQypPHLh5B8mfauXTI-cwhk9c_Dr6Tn5u4gBCWpfhjgfj-OI3C9-u2qYy408-lMZMAoCZnq3n2WLu91D_NuBj0d48LvP2g9LbS4l-KhDy7dsnT2on_wE_K-sYZ_scH8Fv3ZkR4XtnQVZcyNIjkJIzcRda-4Na5C8IyX8MRSqD6XPinOi5Sdb6kNoRd6pDc_oLRQkK7bL_lj2Zw8Wg-zfQn-AhQ3o1Ssg8sMkzZ2Hz64HnKkeIF1-l3f4tUx4aIuZ4iGs-JjrZ6zR66rlnpj6CrasvEvA48HaqqCLo6g-QArBlhL-MdqoWsOFPaCBgvOsmRO4hIReY1AYU8Kah4mPuVPTLuSkNxAQmv73EdXhfSKGTqmOZTgNo6m65GughbZ6n8wOX1lAo-fKwZzBvPEDmAGvJ92izgboFO2R33waf2__ayDlrqKkm0iZQi6omKhHZH5wyb-_CLsGlhjYRoCJ8pJOseu0aVQgEEk8AyAmmjTNpDnqNN2qRpPtaxg0sOfdQwi1JiY-U5jAM8XwpuuyChXYCRW6bz4y6Njel94kXQcfS0cKtIGGT8N9A20xSbd2S0o7gHao_pJ-8GAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013075760&ias_pubId=&ias_chanId=1&ias_placementId=20268485269&bidurl=https://www.guri2o1667.work/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h5dWBlnwT12IB7WKjA8xbU&adsafe_url=https%3A%2F%2Fwww.guri2o1667.work&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.guri2o1667.work%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231206%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231206%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-2307171157063658%26fa%3D1%26ifi%3D11%26uci%3Da!b%26btvi%3D6&adsafe_type=be&adsafe_jsinfo=,id:4fd613b0-2cd0-73e3-39a5-22b67c82693f,c:wxKSJH,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-74989cd8c9-crbhl,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tY9pp01+11%7C12%7C13%7C14%7C151%7C16%7C171%7C181%7C1911%7C1912%7C1913%7C1a11%7C1a12%7C1b1%7C1b2%7C1c1%7C1d1*.1525516-72173817%7C1d11,idMap:1d1*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:28,oid:5a9ac91c-9846-11ee-8745-2a0f74109bef,v:19.8.464,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:42:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 20:42:51 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame A809 11 KB
4 KB 2ms
1ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:33:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 20:33:02 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A809 0
0 92ms
45ms Fetch
image/gif 172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst0CIMkXbJMH9B1SzIkAilZBs4Ql5KMQjfqbO_FNmlm6T9nkL1w06gfuDokN5y6A203e3FEBx-YYfXJZGBBc1PVoA_tAjtDq9E7oniSwmBPEnrnH6zIlxDdoyt6nYMMLkfw66zABrWpwlFaPyF_Fc7DZ5FrtmUYcxnuY9752X5TucY&sai=AMfl-YTCzBtDSvketsNVp-HDSdTQkLHWcfV62sG_uEM61NNfALmWzRQJxuRbarWimWrtsXcP3huIK8iRDhhZcBuKI-LtSJP0TW9W66_6835cQh4_kMh-KCOqAx-JUZ6uhGk&sig=Cg0ArKJSzPHH33yd-LCzEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231206.99935&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame 03CF 50 KB
50 KB 2ms
2ms Font
font/woff2 2404:6800:4004:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700&subset=cyrillic-ext,greek-ext,vietnamese,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:16:36 GMT
x-content-type-options: nosniff
age: 502847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51404
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 21:16:36 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9EC4 0
20 B 44ms
43ms Image
image/gif 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BQ6Uicz93Zb2SA7yDvcAPrbmpmAsAAAAAOAHgBAI&bg=!YmGlYS7NAAY3kmNgF5I7ADQBe5WfOJ5DsPXfoysRAKXg8fkipEMxAmT5FeMEhMSdKlWuJbPIENQh0pBtFl4k6s_EPYJ4AgAAAJFSAAAAAmgBB5kDQdTCYdK3ZJ1rwhdf_rHlJLQdeWP_vrNutS2oD-pIE-jXmiT3WKn0FlbzWIYPLwdfleCvKIX0Jq-ksWR5WtxDfZbuGXlZhlJzl8_MXeo9_7DOMmN9w8RgiGZHyqdrRWqE95aogSUx5RafNyfN9tJqQzNrynpsD67vq1afUgW9AErfVPZlOKTViMia2anfHDxJjnAM5CUk6j0jQJ-PEkYSj4vywkbGOGdLr3g0KG1AOAQttdcBb1SYmDaLmFhRFFMvoOn07PQrbeT0cL8ny4Oiw4kNMqkUj5rG47xFb7Hi3jTO21eWxb9na2qeBXZgtbudkNI73iXAbJjSwr8u1MApW7oSFyt79aPKeezn8GDdTRtwloVpoka2iXZUqqseQwpIUkMZRiyV1v9lqHken_MNqMj8cgIV-sfkjhUYHX27ABNiqMMj1piLR8oMPjeOzLD-g3WWlvdLtp1TTv_Xj2tYv0UjyAbmW9-gqvDVZ-dj-_qLHsICDlQXu9AvGg9mGZTzY4hcKacSic8xNzQWcidZ0vtG4to6LmEFGY7VHeCI_4SpIsoVJ1Hcaq13VZnNtFqkhCUL3r7WD7yg3gYbHbNh-wHlTz7Y9O7hW10BjuLQ-H1rR-rDA-n5iBV_I_XRzgQwDbw9KiXYhG9P_imD99MLeSw7ihWZZXnN6yqztx42sQrNIp5TN83qOqsPdrsJN_Rc6zPU_F-QA3eBEHWp_mbO4TVA7siki5_yyIh0YHKeFV3gP-R6VpVrralDeG9N5b0-RSNH7rMaMX-IHTkyaewC5YVwnn3ZThK1QjMrLnMjVH9Rl0VXvfH1-XAI4rh-RFPN-uUUSmQV7lm8eleeHCwABwX7vkr3PJ5gbgeesp4Bl7EC9MU6DEm0sid7G_Q7VH4vGJta5FIhayFbkkFf9nK7m5H9vSWyP-6aLWoLWAkUCqjDW-WWdvi5rV9cqhhrJbfAwkXAJ4LzcDKSj_1227vS2jiKyJQo7h3rKWtZ-cYxTj_xrFsWQlJjzBZgyhjJQntqGeNe3XRVCpwi1C7AJ8nnGssAQof3ttIRoz6EoNCVFJKur5AoeMJQhf2MD7RuBploQsOSdLN4qNVxOG1kipFwgxCS

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A809 43 B
215 B 118ms
118ms Image
image/gif 2600:1f13:800:7782:bf7b:717d:d1bd:feca
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525516&asId=4fd613b0-2cd0-73e3-39a5-22b67c82693f&tv=%7Bc:wxKSWk,pingTime:-10,time:811,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNTQwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS43MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1702313843992%7C%7C94e0c0bfabd0fa43987a059256fb8620%7C%7C81fa84b75a8024ba76b34e57df459f31%7C%7C0a971682e683d01ba7ef53d730a89bf3%7C%7Cf5ad85806002e70b4fd7489cd6bd877c%7C%7C7f9db6debca6e5780a3e1c57dc1f47f6%7C%7C2c1ca6f2b5509d36ec1d0e74369770fc%7C%7C5913663e0953ba096d1444b13be8cf1d%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:bf7b:717d:d1bd:feca Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:24 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 765C 42 B
64 B 44ms
44ms Fetch
image/gif 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuWAD1zuN9KaQ1OkpoCIEjjQQC-V5QDu61Qi-xDiEHBw69EwZGS61AsMVFyciEQcXy8zTNMw41dZHRE5jPTg5tIQiLbdVZA5OAEyaqekkPi7uWeLIeyQJiIh__n-4q66UcYCTgw-3bevfAoGxBrK2au67t5&sai=AMfl-YQwJLYTR_JNA8tGlPBw39nDlFLy0ILuP-fQQV8RCjIgK0Di1Jxqpbpp977c4nAZfuMJEpCTy4VfmGfIEHu-kVjmp-p_nzoXZaZGHuVVOtRAwwy-DzZ-RIsXze5vH4UMWQvOqBq-Y4TQV5yO0G8MHw&sig=Cg0ArKJSzECb1DhiL4p0EAE&cid=CAQSTwDICaaNM2kOeo03apGk-1rGDSw591DCLUmJj5TmMAzxfCm67IKFdgJFbpvPjLo2N6X3iRdBx9LRwq0gYZPw30DbTFJt3ZLSjuAdqj-kn7wYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702313842634&rpt=155&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4249 Show response
ads.everesttech.net/ads/mts/24651/ Frame A809 11 KB
12 KB 125ms
123ms Script
text/javascript 35.160.173.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/mts/24651/4249?DFA_Click_Tracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss_SMihYEXBGAGfnH2w3lv-jbrponlUO1-knXnZ7GD3bH3cpyPBY_KR8fhqvtJrW962zyF_J_gmGPlXx2Ge7j8kkO5_AxulhuwsYycu38sgtd2mOmyrMrISL_-Q5Qg_mJ4anijWhlQg7c4yRljmj18ymVXzbhp5ZdqcIA3IcAQFH5lKMSAAuml4_HXPSqEaB19qMYTJs333GJVC5dqqtDHz9JZgcnx-zMd8o-rLRsgHJRCScfWybSoaoXczIHE3CBjHRlDdGdKXS3Ez5-DjG8Dq08RbRQhl_-5Xngdz-0r_bfcvTgCxMhGHG9B1fMf7iFg04S-91HERjcI-AQ_FYoOnmRD9wGICAQIPt2RjmdZm_9uLs7JmXJ08cooUBubo_BRIqcz1jVo0KXImex6XB414AQAX38SeRCb0oL0V7XxP_xIrxpLuB96nMVIfoTQh_709J0YywtWW63GnWy2vW71U8NLPknKglrs2zSGxANE50HfuD4s6mpMIsPQ5xg_i0U4idN4u7VnhQ3Sa-sfDVQNQVl-rkHt1Q6k4iVFQyexHaXxcCzZrDLXwviGshSKunt2J_uv-LrcnPp_iVe8gUhfIHAcBfgMpet3zAEeTrrFHk_w41U6eCc6pkrcBYMe2_y1rsDh6mIDz5groFVVqM_zX9B_6vXMgiWnIy_Ghak6MY2G1YKOd9eD_AkDBIzGTBMhHYjb0a2jjVUOiTzITdz9pKHd5deu4-DHfbcw8hVXrMwauNSwY5Wl_zip-mCV07b89sCkFrTj4pS1zSDSeDdS0yILEJfdwA3vBb1Rmhti77WitQMhf14eM4eVgLgINI1WG6Y7mkrr4WNlxzRcIDRkbPlYDET_Zsn9MOVnL5o8jq7zfKyAHa7t5twCzROktGnQzA3oVVDBv03Za1eMAhaoxAXDvOz80xpfPYXKEnMEJKuqw49teZrGjQL2LjLmfajBSNaTKZCKU__ohUxXRwBPY65YTEjUaaiGczkN24gMrEEWBhfZCOqrp1-nQNln4BMZEUqS9B2mRJBQCkcD-ce5ynhCwTZpgoA4DonArLcQ2PDdlg5UUJl-Rr6VXHVwoQ-LpzcCePPgRqg1kjbpM9Dtb6_mUH3SMJDjHlDzCEMkTK6u6tlxenY-1iOpGUEBKcEBV3J8-0l-E0stwKiPv2h7sDaHJF9dfE5vU02LzDItFqxNlyeBXGlv54e-rfHlM1mv1Rt9A8cI3HupUd8qWOXyK-9tIpWCe4FRO7NTBEdtOOpPyXYexRBxEy4I5YwMovCRsdQfGP5ZNIs3wQE4ss2BD_4MRl3dwBvzpTtCLeKDoGEpVPzqJ2YMq6PFgWagkxjCga4BzZjUUuQB6J6V8HdQPhKk4xeb6JoCZ8g%26sai%3DAMfl-YTyl2_Csk1dpy7HZzeK-uEUO-ODS6owt-DT7nbj5mjX31yTTcknWDWnsurZ3KkQcjxy9VRJNIXKL7a37Ul_x2fDYxpBXlsCOpLIUXpTmU9GHpCjnQRxFJnKGaLvrZ2MX6a-C4W21E9SfmH5x4RxFsU3H8tN81-antTBAinzAdPSYtY_s04wurHiXX9TrAKd45aV5YSU5dAPk1OnTJV-bB9k4lpqhfX42Hn8WEYYTrtNpFacdqTXXifVnNOUkQ_WZdKtboE9RagFW6EhuP1tI_ldLFl2Z3A_obuKbM3Cjj6q5GDuGSPSJLs%26sig%3DCg0ArKJSzD11iYAcdAxCEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&DFA_BuyId=30056896&DFA_PlacementId=369242594&DFA_AdId=560368621&DFA_CreativeId=163367472&DFA_SiteId=6958819&TC_1=cmmiil1qng4&TC_2=30056896&TC_3=369242594&TC_4=163367472&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30056896$dcmadid|560368621$dcmrenderingid|162888157$dcmsiteid|6958819$dcmplacementid|369242594$customer|Microsoft$dv360auctionid|ct=JP&st=&city=8683&dma=0&zp=&bw=4&DCM_PlacementID=369242594&edge=y&html5=y&nr=0.6686584140190983
Requested by: Host: ads.everesttech.net
URL: https://ads.everesttech.net/ads/mts/24651/4249?DFA_Click_Tracker=^(t_cq_ue_https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjss_SMihYEXBGAGfnH2w3lv-jbrponlUO1-knXnZ7GD3bH3cpyPBY_KR8fhqvtJrW962zyF_J_gmGPlXx2Ge7j8kkO5_AxulhuwsYycu38sgtd2mOmyrMrISL_-Q5Qg_mJ4anijWhlQg7c4yRljmj18ymVXzbhp5ZdqcIA3IcAQFH5lKMSAAuml4_HXPSqEaB19qMYTJs333GJVC5dqqtDHz9JZgcnx-zMd8o-rLRsgHJRCScfWybSoaoXczIHE3CBjHRlDdGdKXS3Ez5-DjG8Dq08RbRQhl_-5Xngdz-0r_bfcvTgCxMhGHG9B1fMf7iFg04S-91HERjcI-AQ_FYoOnmRD9wGICAQIPt2RjmdZm_9uLs7JmXJ08cooUBubo_BRIqcz1jVo0KXImex6XB414AQAX38SeRCb0oL0V7XxP_xIrxpLuB96nMVIfoTQh_709J0YywtWW63GnWy2vW71U8NLPknKglrs2zSGxANE50HfuD4s6mpMIsPQ5xg_i0U4idN4u7VnhQ3Sa-sfDVQNQVl-rkHt1Q6k4iVFQyexHaXxcCzZrDLXwviGshSKunt2J_uv-LrcnPp_iVe8gUhfIHAcBfgMpet3zAEeTrrFHk_w41U6eCc6pkrcBYMe2_y1rsDh6mIDz5groFVVqM_zX9B_6vXMgiWnIy_Ghak6MY2G1YKOd9eD_AkDBIzGTBMhHYjb0a2jjVUOiTzITdz9pKHd5deu4-DHfbcw8hVXrMwauNSwY5Wl_zip-mCV07b89sCkFrTj4pS1zSDSeDdS0yILEJfdwA3vBb1Rmhti77WitQMhf14eM4eVgLgINI1WG6Y7mkrr4WNlxzRcIDRkbPlYDET_Zsn9MOVnL5o8jq7zfKyAHa7t5twCzROktGnQzA3oVVDBv03Za1eMAhaoxAXDvOz80xpfPYXKEnMEJKuqw49teZrGjQL2LjLmfajBSNaTKZCKU__ohUxXRwBPY65YTEjUaaiGczkN24gMrEEWBhfZCOqrp1-nQNln4BMZEUqS9B2mRJBQCkcD-ce5ynhCwTZpgoA4DonArLcQ2PDdlg5UUJl-Rr6VXHVwoQ-LpzcCePPgRqg1kjbpM9Dtb6_mUH3SMJDjHlDzCEMkTK6u6tlxenY-1iOpGUEBKcEBV3J8-0l-E0stwKiPv2h7sDaHJF9dfE5vU02LzDItFqxNlyeBXGlv54e-rfHlM1mv1Rt9A8cI3HupUd8qWOXyK-9tIpWCe4FRO7NTBEdtOOpPyXYexRBxEy4I5YwMovCRsdQfGP5ZNIs3wQE4ss2BD_4MRl3dwBvzpTtCLeKDoGEpVPzqJ2YMq6PFgWagkxjCga4BzZjUUuQB6J6V8HdQPhKk4xeb6JoCZ8g&sai=AMfl-YTyl2_Csk1dpy7HZzeK-uEUO-ODS6owt-DT7nbj5mjX31yTTcknWDWnsurZ3KkQcjxy9VRJNIXKL7a37Ul_x2fDYxpBXlsCOpLIUXpTmU9GHpCjnQRxFJnKGaLvrZ2MX6a-C4W21E9SfmH5x4RxFsU3H8tN81-antTBAinzAdPSYtY_s04wurHiXX9TrAKd45aV5YSU5dAPk1OnTJV-bB9k4lpqhfX42Hn8WEYYTrtNpFacdqTXXifVnNOUkQ_WZdKtboE9RagFW6EhuP1tI_ldLFl2Z3A_obuKbM3Cjj6q5GDuGSPSJLs&sig=Cg0ArKJSzD11iYAcdAxCEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=_ue_cq)&DFA_BuyId=30056896&DFA_PlacementId=369242594&DFA_AdId=560368621&DFA_CreativeId=163367472&DFA_SiteId=6958819&TC_1=cmmiil1qng4&TC_2=30056896&TC_3=369242594&TC_4=163367472&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30056896$dcmadid|560368621$dcmrenderingid|162888157$dcmsiteid|6958819$dcmplacementid|369242594$customer|Microsoft$dv360auctionid|ct=JP&st=&city=8683&dma=0&zp=&bw=4&DCM_PlacementID=369242594
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.160.173.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-173-212.us-west-2.compute.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: 67e33c047d6bc4ef074607d5799c8332654ba54167a4307220942282dfcef1e1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: text/javascript;charset=utf-8
pragma: no-cache
date: Mon, 11 Dec 2023 16:57:24 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
server: AMO-jAds/1.1
expires: Mon Dec 11 16:57:24 UTC 2023

GET
H/1.1 200
OK html5-ad-script_v4.html Show response
dco-assets.everestads.net/ics-campaign/static/dco/ Frame 8959 16 KB
4 KB 24ms
2ms Document
text/html 23.215.243.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZXc_dAAAAG7aFEEz
Requested by: Host: ads.everesttech.net
URL: https://ads.everesttech.net/ads/mts/24651/4249?DFA_Click_Tracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss_SMihYEXBGAGfnH2w3lv-jbrponlUO1-knXnZ7GD3bH3cpyPBY_KR8fhqvtJrW962zyF_J_gmGPlXx2Ge7j8kkO5_AxulhuwsYycu38sgtd2mOmyrMrISL_-Q5Qg_mJ4anijWhlQg7c4yRljmj18ymVXzbhp5ZdqcIA3IcAQFH5lKMSAAuml4_HXPSqEaB19qMYTJs333GJVC5dqqtDHz9JZgcnx-zMd8o-rLRsgHJRCScfWybSoaoXczIHE3CBjHRlDdGdKXS3Ez5-DjG8Dq08RbRQhl_-5Xngdz-0r_bfcvTgCxMhGHG9B1fMf7iFg04S-91HERjcI-AQ_FYoOnmRD9wGICAQIPt2RjmdZm_9uLs7JmXJ08cooUBubo_BRIqcz1jVo0KXImex6XB414AQAX38SeRCb0oL0V7XxP_xIrxpLuB96nMVIfoTQh_709J0YywtWW63GnWy2vW71U8NLPknKglrs2zSGxANE50HfuD4s6mpMIsPQ5xg_i0U4idN4u7VnhQ3Sa-sfDVQNQVl-rkHt1Q6k4iVFQyexHaXxcCzZrDLXwviGshSKunt2J_uv-LrcnPp_iVe8gUhfIHAcBfgMpet3zAEeTrrFHk_w41U6eCc6pkrcBYMe2_y1rsDh6mIDz5groFVVqM_zX9B_6vXMgiWnIy_Ghak6MY2G1YKOd9eD_AkDBIzGTBMhHYjb0a2jjVUOiTzITdz9pKHd5deu4-DHfbcw8hVXrMwauNSwY5Wl_zip-mCV07b89sCkFrTj4pS1zSDSeDdS0yILEJfdwA3vBb1Rmhti77WitQMhf14eM4eVgLgINI1WG6Y7mkrr4WNlxzRcIDRkbPlYDET_Zsn9MOVnL5o8jq7zfKyAHa7t5twCzROktGnQzA3oVVDBv03Za1eMAhaoxAXDvOz80xpfPYXKEnMEJKuqw49teZrGjQL2LjLmfajBSNaTKZCKU__ohUxXRwBPY65YTEjUaaiGczkN24gMrEEWBhfZCOqrp1-nQNln4BMZEUqS9B2mRJBQCkcD-ce5ynhCwTZpgoA4DonArLcQ2PDdlg5UUJl-Rr6VXHVwoQ-LpzcCePPgRqg1kjbpM9Dtb6_mUH3SMJDjHlDzCEMkTK6u6tlxenY-1iOpGUEBKcEBV3J8-0l-E0stwKiPv2h7sDaHJF9dfE5vU02LzDItFqxNlyeBXGlv54e-rfHlM1mv1Rt9A8cI3HupUd8qWOXyK-9tIpWCe4FRO7NTBEdtOOpPyXYexRBxEy4I5YwMovCRsdQfGP5ZNIs3wQE4ss2BD_4MRl3dwBvzpTtCLeKDoGEpVPzqJ2YMq6PFgWagkxjCga4BzZjUUuQB6J6V8HdQPhKk4xeb6JoCZ8g%26sai%3DAMfl-YTyl2_Csk1dpy7HZzeK-uEUO-ODS6owt-DT7nbj5mjX31yTTcknWDWnsurZ3KkQcjxy9VRJNIXKL7a37Ul_x2fDYxpBXlsCOpLIUXpTmU9GHpCjnQRxFJnKGaLvrZ2MX6a-C4W21E9SfmH5x4RxFsU3H8tN81-antTBAinzAdPSYtY_s04wurHiXX9TrAKd45aV5YSU5dAPk1OnTJV-bB9k4lpqhfX42Hn8WEYYTrtNpFacdqTXXifVnNOUkQ_WZdKtboE9RagFW6EhuP1tI_ldLFl2Z3A_obuKbM3Cjj6q5GDuGSPSJLs%26sig%3DCg0ArKJSzD11iYAcdAxCEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&DFA_BuyId=30056896&DFA_PlacementId=369242594&DFA_AdId=560368621&DFA_CreativeId=163367472&DFA_SiteId=6958819&TC_1=cmmiil1qng4&TC_2=30056896&TC_3=369242594&TC_4=163367472&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30056896$dcmadid|560368621$dcmrenderingid|162888157$dcmsiteid|6958819$dcmplacementid|369242594$customer|Microsoft$dv360auctionid|ct=JP&st=&city=8683&dma=0&zp=&bw=4&DCM_PlacementID=369242594&edge=y&html5=y&nr=0.6686584140190983
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.243.88 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-243-88.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3bdf27a1124d341aa2b1880639ae305d9af0d84dd79d7e7f460794038ff75fbf

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3934
Content-Type: text/html; charset=UTF-8
Date: Mon, 11 Dec 2023 16:57:24 GMT
ETag: "150315370-3fce-5e32201ac1000"
Expires: Mon, 11 Dec 2023 17:57:24 GMT
Last-Modified: Wed, 06 Jul 2022 12:21:20 GMT
Server: Apache
Vary: Accept-Encoding
X-Permitted-Cross-Domain-Policies: all

GET
DATA 200
OK truncated
/ Frame A809 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 846ae3c0f0207a7abc94ed22d1f39fd5523ab6d10bfde28bffce20d5db2e9763

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK mraid.js Show response
dco-assets.everestads.net/ics-campaign/static/dco/ Frame 8959 0
390 B 6ms
6ms Script
text/javascript 23.215.243.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign/static/dco/mraid.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZXc_dAAAAG7aFEEz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.243.88 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-243-88.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZXc_dAAAAG7aFEEz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 16:57:24 GMT
Last-Modified: Wed, 06 Jul 2022 12:21:20 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "150315371-0-5e32201ac1000"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
Expires: Mon, 11 Dec 2023 17:57:24 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A809 0
0 45ms
44ms Fetch
image/gif 172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst0CIMkXbJMH9B1SzIkAilZBs4Ql5KMQjfqbO_FNmlm6T9nkL1w06gfuDokN5y6A203e3FEBx-YYfXJZGBBc1PVoA_tAjtDq9E7oniSwmBPEnrnH6zIlxDdoyt6nYMMLkfw66zABrWpwlFaPyF_Fc7DZ5FrtmUYcxnuY9752X5TucY&sai=AMfl-YTCzBtDSvketsNVp-HDSdTQkLHWcfV62sG_uEM61NNfALmWzRQJxuRbarWimWrtsXcP3huIK8iRDhhZcBuKI-LtSJP0TW9W66_6835cQh4_kMh-KCOqAx-JUZ6uhGk&sig=Cg0ArKJSzPHH33yd-LCzEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=741&vt=11&dtpt=740&dett=4&cstd=0&cisv=r20231206.99935&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 52ms
51ms XHR
application/json 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231206&st=env

Requested by

Host: cdn.blog.st-hatena.com
URL: https://cdn.blog.st-hatena.com/js/vendors.js?version=9f07f2fa593dfd37f929a685ab685f

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d33e88540838e0dd3da5ac9998a3ca33a13dd16ef3479aeeb1b45d9dc2493d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12260
x-xss-protection: 0

GET
H/1.1 200
OK 728x90.html Show response
dco-assets.everestads.net/ics-campaign//5031/t/8980/13/ Frame C127 14 KB
4 KB 3ms
2ms Document
text/html 23.215.243.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZXc_dAAAAG7aFEEz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.243.88 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-243-88.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 91ea9d151e7ab252501a473e052b27bf88d2096dc8cff8a0e298cffd710c31f4

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZXc_dAAAAG7aFEEz
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3926
Content-Type: text/html; charset=UTF-8
Date: Mon, 11 Dec 2023 16:57:24 GMT
ETag: "1a9258bdd-395d-60561f72aae40"
Expires: Mon, 11 Dec 2023 17:57:24 GMT
Last-Modified: Fri, 15 Sep 2023 08:56:17 GMT
Server: Apache
Vary: Accept-Encoding
X-Permitted-Cross-Domain-Policies: all

GET
H/1.1 200
OK style.min.css
dco-assets.everestads.net/ics-campaign//5031/t/8980/13/css/ Frame C127 4 KB
5 KB 3ms
2ms Stylesheet
text/css 23.215.243.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/css/style.min.css
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.243.88 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-243-88.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2bd128170f24b963f67f17e2a1312ae8371c44c3ecad64cedde585555f4d55ef

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 16:57:24 GMT
Last-Modified: Fri, 15 Sep 2023 08:56:17 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1a90bd26e-11d1-60561f72aae40"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4561
Expires: Mon, 11 Dec 2023 17:57:24 GMT

GET
H2 200 AMOLibrary.js Show response
ads.everesttech.net/ads/static/local/ Frame C127 5 KB
6 KB 116ms
115ms Script
application/javascript 35.160.173.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/static/local/AMOLibrary.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.160.173.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-173-212.us-west-2.compute.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: e66ad7a792dcaa684917803058147d54e110728a7cef76562e5bc5ca1388339e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: cache
date: Mon, 11 Dec 2023 16:57:24 GMT
last-modified: Wed, 22 Dec 2021 09:29:42 GMT
server: AMO-jAds/1.1
etag: W/"5582-1640165382000"
content-type: application/javascript
cache-control: cache,store,max-age=86400
accept-ranges: bytes
content-length: 5582

GET
H2 200 gsap.min.js Show response
cdn.jsdelivr.net/npm/gsap@3.0.1/dist/ Frame C127 54 KB
23 KB 13ms
1ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/gsap@3.0.1/dist/gsap.min.js

Requested by

Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8154aa9057e3367d9d3e4bb1f85db9645c01fc0690091aadc57dbae849ba3499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 11 Dec 2023 16:57:24 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2962085
x-jsd-version: 3.0.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23008
x-served-by: cache-fra-eddf8230095-FRA, cache-nrt-rjtf7700028-NRT
x-jsd-version-type: version
etag: W/"d8fc-fe8VvabeDqL+WzK+waTDAMtuAsE"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK script.min.js Show response
dco-assets.everestads.net/ics-campaign//5031/t/8980/13/js/ Frame C127 7 KB
8 KB 5ms
2ms Script
text/javascript 23.215.243.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/js/script.min.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.243.88 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-243-88.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6ed03c02eec456fe89e228d6cdf45bf7088aa9402beaab5a2a1214a1aa35ce3c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 16:57:24 GMT
Last-Modified: Fri, 15 Sep 2023 08:56:17 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1a95254fe-1cef-60561f72aae40"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7407
Expires: Mon, 11 Dec 2023 17:57:24 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 92ms
92ms Script
text/javascript 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 16:57:24 GMT

GET
H/1.1 200
OK SegoePro-Semibold.woff
dco-assets.everestads.net/ics-campaign//5031/t/8980/13/fonts/ Frame C127 29 KB
30 KB 2ms
2ms Font
application/octet-stream 23.215.243.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/fonts/SegoePro-Semibold.woff
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.243.88 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-243-88.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: dba5db65eacdd32e82b077fce0282798e8a702ecbead9b1a1afc305c2fdba33c

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
Origin: https://dco-assets.everestads.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 16:57:24 GMT
Last-Modified: Fri, 15 Sep 2023 08:56:17 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1a9258bdf-74a0-60561f72aae40"
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29856
Expires: Mon, 11 Dec 2023 17:57:24 GMT

GET
H/1.1 200
OK e51232cf9fc8dd7b4756cbe34f3be9cc.png
dco-assets.everestads.net/iCornerStore/rescaled-images/MICROSOFTSTORE/current/ Frame C127 110 B
497 B 2ms
1ms Image
image/png 23.215.243.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/iCornerStore/rescaled-images/MICROSOFTSTORE/current/e51232cf9fc8dd7b4756cbe34f3be9cc.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.243.88 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-243-88.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6f064b11007507ecebb88b25c6b21a41e51189b079c5a30342c8dc8950019c0c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 16:57:24 GMT
Last-Modified: Thu, 07 Dec 2023 13:51:30 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "106564822-6e-60bebc3c97cc2"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 110
Expires: Mon, 11 Dec 2023 17:57:24 GMT

GET
H/1.1 200
OK 1373f829b31e447d6ae10819ac316330.png
dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ Frame C127 9 KB
10 KB 2ms
2ms Image
image/png 23.215.243.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/1373f829b31e447d6ae10819ac316330.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.243.88 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-243-88.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 50f9b55f799408d883bbbc2110c7b5f0cb0c9f5245d415d9a13ebda58e9ce087

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 16:57:24 GMT
Last-Modified: Thu, 07 Dec 2023 13:52:09 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "18b36c8d0-2481-60bebc61f8d96"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9345
Expires: Mon, 11 Dec 2023 17:57:24 GMT

GET
H/1.1 200
OK f71b18ba3153b509865445c7b4706219.png
dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ Frame C127 2 KB
2 KB 5ms
2ms Image
image/png 23.215.243.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/f71b18ba3153b509865445c7b4706219.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.243.88 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-243-88.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 48058c7cae6c0edd1606307d30e0bfec5267501b07d1b1a664644c7e30121911

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 16:57:24 GMT
Last-Modified: Thu, 07 Dec 2023 13:52:07 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "10573e103-758-60bebc6072df4"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1880
Expires: Mon, 11 Dec 2023 17:57:24 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/1373f829b31e447d6ae10819ac316330.png
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/js/script.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.243.88 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-243-88.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 50f9b55f799408d883bbbc2110c7b5f0cb0c9f5245d415d9a13ebda58e9ce087

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 16:57:24 GMT
Last-Modified: Thu, 07 Dec 2023 13:52:09 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "18b36c8d0-2481-60bebc61f8d96"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9345
Expires: Mon, 11 Dec 2023 17:57:24 GMT

GET
H/1.1 200
OK f71b18ba3153b509865445c7b4706219.png
dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ Frame C127 2 KB
2 KB 2ms
2ms Image
image/png 23.215.243.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/f71b18ba3153b509865445c7b4706219.png
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/js/script.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.243.88 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-243-88.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 48058c7cae6c0edd1606307d30e0bfec5267501b07d1b1a664644c7e30121911

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 16:57:24 GMT
Last-Modified: Thu, 07 Dec 2023 13:52:07 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "10573e103-758-60bebc6072df4"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1880
Expires: Mon, 11 Dec 2023 17:57:24 GMT

GET
H2 204 imp
analyticspixel.microsoft.com/aid/ Frame C127 0
676 B 65ms
49ms Image
text/plain 204.79.197.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticspixel.microsoft.com/aid/imp?dcoimpid=ZXc_dAAAAG7aFEEz&dcmadvertiserid|8391437$dcmcampaignid|30056896$dcmadid|560368621$dcmrenderingid|162888157$dcmsiteid|6958819$dcmplacementid|369242594$customer|Microsoft$dv360auctionid|ct=JP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.204 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0005.a-msedge.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 794371E9CDB24AA18390BF8126BD2D55 Ref B: TYAEDGE0718 Ref C: 2023-12-11T16:57:24Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CA93 13 KB
5 KB 3ms
2ms Document
text/html 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.guri2o1667.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 217595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 04:30:49 GMT
expires: Sun, 08 Dec 2024 04:30:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A5DD 829 B
560 B 48ms
48ms Document
text/html 2404:6800:400a:805::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:805::2004 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9a2a4ac21e01ed670c60233cd056920ed8a0a681eb89ed8c02bad5cc3fc8aa27

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nzD3Al-YEfPXSHGnWsFbEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.guri2o1667.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-nzD3Al-YEfPXSHGnWsFbEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 16:57:24 GMT
expires: Mon, 11 Dec 2023 16:57:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame CA93 39 KB
15 KB 2ms
1ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 23:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 493193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 23:57:31 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A5DD 0
0 40ms
40ms Image
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231206&jk=3498489636656697&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CA93 0
12 B 1ms
1ms Image
text/plain 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KGaUIw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:57:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A809 43 B
215 B 118ms
117ms Image
image/gif 2600:1f13:800:7782:bf7b:717d:d1bd:feca
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525516&asId=4fd613b0-2cd0-73e3-39a5-22b67c82693f&tv=%7Bc:wxKT8z,time:1570,type:e,im:%7Bpci:%7Btdr:1509%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1570,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1564~0%5D,as:%5B1564~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:122,fm:tY9pp01+11%7C12%7C13%7C14%7C151%7C16%7C171%7C181%7C1911%7C1912%7C1913%7C1a11%7C1a12%7C1b1%7C1b2%7C1c1%7C1d1*.1525516-72173817%7C1d11,idMap:1d1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:29,sis:464%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:bf7b:717d:d1bd:feca Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:24 GMT
server: nginx
x-server-name: dt32.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231206&jk=3498489636656697&bg=!m5ilmNfNAAY3kmNgF5I7ADQBe5WfOP9dFiwffk_-TR_G0YIcCORehs7TN6So-h4tAeycn7Xlh0C4ykf8fgWKo_Db8Ss_AgAAAEFSAAAADGgBBwoAPcP2IrVHWRZwIsIL0bECXsvgJ64G81dvpDeN94VoEWGqNGDh--4bY9J7mdIcxg30GvOJczw9cuKgKnw82iWZAt5uC5g9mfFDcGKeC5UZ1w7UHucWMHqQ28FLjjQMjTjgXXny3UpKp_Ye3RtCQ51EylBPZ4w96WZpf_yxUxUOcId4I0VoAinsE3lxmZqrqt9aCvfbo1mVizdeTYS2Vn5LzmvfD5UODG6a4AN8jXXQ_egnWCj79ocPqfGBTetDtkh8vcTUOLR0TqMzPUxIgECNU8YLPgEiM0EqDhQcavbzgo5MCZccKd-0WmLqly_PadMFrrzCPUpmav9Ke-t5SrxHNX84wdsppXzDKgSuxQeHbX2-Fj8bJWzKkOZ3INVvMNB_9238pkDb6ENWHu9hIHBSMDn4nhJeIFK2fVg9wsl1NDmzpTLYTvKnqmICMxJgSuBpZUZhRO6hrCpIkPxkPL2zsK7oY_VCurtElBk0mVb0LqzkIjDMpLKPKS0SV4oqTP5J5iFqDCOlaOFvPca5pKI_s3YzIATKaPHM-vNW1FBkVXcxVKRkNOXQaOreHPZm1FKG5tx-OZ0W0xb3I2KYQG9xBpC7SJz3f7FgGS1uYvEH8KA9e-uhCpaTnuHfwvG2Pd2E-5t0Izh108BxFi1Y3ErMYOJ14KfaeGLeSKv1wvMIMCHkDxkDOdT-F9C6GcZQygxaIiP68mk2JPrO-H49ppvwNGnPQkfXytAdUlPoGc23wOBGlm9isua8tpfbSqes8trfNkzTEKLOlZzDuU6_Fg1-Vit8dqbJfQCN54AXolrc1ow2hg_CUSdg1KZplfqL_-BHP5dT6Q1zpMLP2F6pNpoK1KzOr9nPgJTEwP4Vk8n6NfLjJxHvqTcQ9yYRWxMVUvBobtY1A4MuiVSuwgMT8Z9N4nLYvalUUl4dczAx8J4VhYyzqnBTzP1qPa8FsoGkQsInZFoLfHBS98npKFlyvmOkjC1_z2gom3qcGjIo0UYehvvoDBq3rUZZ6ZykoCvrCOUt3Q6aE3W_VjIUR6ANrKaMtrXzcl2Woix4pm0yh27GUw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.guri2o1667.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A809 42 B
64 B 40ms
39ms Fetch
image/gif 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvGErZ1DUuc839Y3MgFvHJPtolTrOUSkRavlIdMTlmGT_Iwy1zOaaHNW1ThppJfeP_VaIIF4xCcGKwrmQKKHsA43RJCdlQYwWQ4LJFmCSs_g3YxGvYwLiAeYacJ1mD1-xmy3PTlKe5S-rRkrd-HoIBxVHaS&sai=AMfl-YQH9q1xaRZ4dC7MGgA0ehe31EWl4I6PvTnGyC9bEzwC5IgVSz-Zpc9yXrlGIrP9KZQ_HKuigv2a0UkH-73BRUYjSd5WzgsCEwkOJTcjJlXFvFAEBwQmSXeqZ2xaZMJYG556ZrM-sFI2IhW9uKl8Ig&sig=Cg0ArKJSzLAP-SLz_ru9EAE&cid=CAQSTwDICaaNM2kOeo03apGk-1rGDSw591DCLUmJj5TmMAzxfCm67IKFdgJFbpvPjLo2N6X3iRdBx9LRwq0gYZPw30DbTFJt3ZLSjuAdqj-kn7wYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702313842699&rpt=1653&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A809 0
20 B 36ms
35ms Ping
image/gif 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4891035042035&version=m202309260101&ct=76&x=1&cor=16195564230596819000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A809 43 B
215 B 119ms
118ms Image
image/gif 2600:1f13:800:7782:bf7b:717d:d1bd:feca
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525516&asId=4fd613b0-2cd0-73e3-39a5-22b67c82693f&tv=%7Bc:wxKTAu,pingTime:1,time:3301,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:28%7D,%7Bpiv:100,vs:i,r:,t:2296%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1005,o:2296,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2290~0,0~100%5D,as:%5B2290~728.90%5D%7D%7D,%7Bsl:i,t:2296,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1005~100%5D,as:%5B1005~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:120,fm:tY9pp01+11%7C12%7C13%7C14%7C151%7C16%7C171%7C181%7C1911%7C1912%7C1913%7C1a11%7C1a12%7C1b1%7C1b2%7C1c1%7C1d1*.1525516-72173817%7C1d11,idMap:1d1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:29,sis:464%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:bf7b:717d:d1bd:feca Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:26 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A809 43 B
215 B 119ms
118ms Image
image/gif 2600:1f13:800:7782:bf7b:717d:d1bd:feca
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525516&asId=4fd613b0-2cd0-73e3-39a5-22b67c82693f&tv=%7Bc:wxKTAv,pingTime:1,time:3302,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:28%7D,%7Bpiv:100,vs:i,r:,t:2296%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1006,o:2296,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2290~0,0~100%5D,as:%5B2290~728.90%5D%7D%7D,%7Bsl:i,t:2296,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1006~100%5D,as:%5B1006~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:120,fm:tY9pp01+11%7C12%7C13%7C14%7C151%7C16%7C171%7C181%7C1911%7C1912%7C1913%7C1a11%7C1a12%7C1b1%7C1b2%7C1c1%7C1d1*.1525516-72173817%7C1d11,idMap:1d1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:29,sis:464%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:bf7b:717d:d1bd:feca Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 16:57:26 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 5I6q4iAMhYA
.youtube.com/	1970-01-20 21:11:05	Name: VISITOR_INFO1_LIVE Value: wtULfqIDvMM
.guri2o1667.work/	1970-01-20 16:53:20	Name: _gid Value: GA1.2.1311478420.1702313842
.guri2o1667.work/	1970-01-20 16:51:53	Name: _gat_UA-154986851-1 Value: 1
.guri2o1667.work/	1970-01-21 02:27:53	Name: _ga_HLDXGWFW73 Value: GS1.1.1702313841.1.0.1702313841.0.0.0
.guri2o1667.work/	1970-01-21 02:27:53	Name: _ga Value: GA1.1.537628235.1702313842
.guri2o1667.work/	1970-01-21 02:27:53	Name: _ga_ZRV7PEJY01 Value: GS1.2.1702313841.1.0.1702313841.0.0.0
.guri2o1667.work/	1970-01-21 02:13:29	Name: __gads Value: ID=a4f88c66c297ed60:T=1702313841:RT=1702313841:S=ALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw
.guri2o1667.work/	1970-01-21 02:13:29	Name: __gpi Value: UID=00000ca9b39c6e30:T=1702313841:RT=1702313841:S=ALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA
.googleadservices.com/	1970-01-20 19:01:29	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 16:51:57	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 02:27:53	Name: IDE Value: AHWqTUnJ4sk-ZKRhnwa2L3VZMkZfYWunsZ4SifIk2fCJp3MNS6TaNamHUdDOXyH9-ss
.doubleclick.net/	1970-01-20 21:11:05	Name: APC Value: AfxxVi699gmeSxg-TwfSmLztoCAye0WVAjnb1TnlANJRn4L3abDayw
.send.microad.jp/	1970-01-20 19:01:29	Name: TR Value: 6020a9d8314ac593d30b80f43bce85b73199fe29adb87ccc
.uncn.jp/	1970-01-21 01:37:29	Name: t Value: v_f31242b9-8b02-4556-b2f5-07f13d52a981
.r-ad.ne.jp/	1970-01-20 21:11:05	Name: r_ad_token Value: 57mGvN00ZBDGa007D25g
.teads.tv/	1970-01-21 01:36:03	Name: tt_viewer Value: eb98bf7a-2b0e-45eb-945a-92dec74f3411
.ctnsnet.com/	1970-01-21 01:37:29	Name: gid_CAESENHu6tEr3zL9I4AY0HEKpZs Value: 1
.ctnsnet.com/	1970-01-21 01:37:29	Name: cid_7a6128ef5b0a4492968345055834b141 Value: 1
.yahoo.co.jp/	1970-01-21 01:38:56	Name: XA Value: 5rtq6h5inefrj&sd=A&t=1702313843&u=1702313843&v=1
.yahoo.co.jp/	1970-01-21 02:27:53	Name: XB Value: 5aiu6utinefrj&b=3&s=mq
.turn.com/	1970-01-20 21:11:05	Name: uid Value: 3529663051052877098
.socdm.com/	1970-01-21 02:27:53	Name: SOC Value: ZXc-c8Co8XkAACDrwC8AAAAA
.pangle-ads.com/	1970-01-21 02:13:29	Name: _pangle Value: 2ZPBTlUj8l1SYQsoOe532AI1zEF
.tribalfusion.com/	1970-01-20 19:01:29	Name: ANON_ID Value: a7ntuJwyEoipuMNpaXU7bMZaqaepRjtwZdbJxQefXZbQEyT7IGW0vYS7u33Zbg6COUN4KdvDlrktgRPaQFjTHUjUCyi0
.adform.net/	1970-01-20 17:36:32	Name: C Value: 1
.yahoo.com/	1970-01-21 01:37:51	Name: A3 Value: d=AQABBHM_d2UCEDI28jWon2XE0aeXbOYb4pAFEgEBAQGQeGWBZQAAAAAA_eMAAA&S=AQAAAkc_xvxHvFHnjd3gHpW6p8Y
.adform.net/	1970-01-20 18:18:17	Name: uid Value: 4905003826169774647
.adtdp.com/	1970-01-21 02:27:53	Name: uid Value: AYxZz9vw-WBxG5fKnbA
.adtdp.com/	1970-01-21 02:27:53	Name: dynid Value: AYxZz9vw-WBxG5fKnbA
.socdm.com/	1970-01-21 02:27:53	Name: SOSYNC Value: anNvbjp7ImdkbiI6MTcwMjMxMzg0M30
.uuidksinc.net/	1970-01-21 01:37:29	Name: jcsuuid Value: UFG2hlDzfyT6sDMYJPYL
.everesttech.net/	1970-01-21 02:27:53	Name: everest_g_v2 Value: g_surferid~ZXc-dAAAGJ4EZGCi
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
.microsoft.com/	1970-01-21 01:37:29	Name: MC1 Value: GUID=3b3f0f4399394c75899f63ba61124799&HASH=3b3f&LV=202312&V=4&LU=1702313844580
.microsoft.com/	1970-01-21 02:13:29	Name: MUID Value: 2772EAEBA3386B2E37C5F90FA7386D84
.analyticspixel.microsoft.com/	1970-01-20 17:01:58	Name: MR Value: 0
.gonet-ads.com/	1970-01-21 01:38:56	Name: pid Value: NGI0ZmNkNTkxYzQ3MDVmZQ

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://rws.a8.net/rakuten/ranking.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=600&adk=2226316099&adf=3536934912&pi=t.aa~a.1678542404~rp.4&w=290&fwrn=4&fwrnh=100&lmt=1702313842&rafmt=1&to=qs&pwprc=9467480384&format=290x600&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313842513&bpp=1&bdt=1396&idt=0&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da4f88c66c297ed60%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw&gpic=UID%3D00000ca9b39c6e30%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA&prev_fmts=0x0%2C1030x280%2C640x200%2C640x200&nras=5&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=4023&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&psts=AOrYGskDCb6QV10UpK7VheKlsKR4ro2PLlOuO2UzYxS3QwyInpbBnALg_MxPK0Z_Kv9uZYYQohn7Ww5JzNr_JkyXKuXGJoxy&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=14 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/gpa_generic_image/arcadian_imgfit_stars_300x600.html".
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2307171157063658&output=html&h=600&adk=2226316099&adf=3536934912&pi=t.aa~a.1678542404~rp.4&w=290&fwrn=4&fwrnh=100&lmt=1702313842&rafmt=1&to=qs&pwprc=9467480384&format=290x600&url=https%3A%2F%2Fwww.guri2o1667.work%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702313842513&bpp=1&bdt=1396&idt=0&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da4f88c66c297ed60%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_MbC3iRqj7onhPraq1XjJthPSc0kTw&gpic=UID%3D00000ca9b39c6e30%3AT%3D1702313841%3ART%3D1702313841%3AS%3DALNI_Ma9X5EBMnaH3Ok-WTuU6do6fzFrOA&prev_fmts=0x0%2C1030x280%2C640x200%2C640x200&nras=5&correlator=593224881156&frm=20&pv=1&ga_vid=537628235.1702313842&ga_sid=1702313842&ga_hid=1881191739&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1025&ady=4023&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079919%2C44807406%2C95320870%2C95320885&oid=2&psts=AOrYGskDCb6QV10UpK7VheKlsKR4ro2PLlOuO2UzYxS3QwyInpbBnALg_MxPK0Z_Kv9uZYYQohn7Ww5JzNr_JkyXKuXGJoxy&pvsid=3498489636656697&tmod=1143262480&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=14 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/gpa_generic_image/arcadian_imgfit_stars_300x600.html".
network	error	URL: https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEP5rIQ4ZOyO6dwItv9NQudM&google_cver=1&google_push=AXcoOmQKex-DtvQhlqnsWnWM3nEQHXLU522_nIL1lnFMk2dJdPNuf4WPIMm-_mLHellF8RLJ_H2sQMoSxw6pnp2ZO7rGe0A9SnUpQIjQ-A Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ads.everesttech.net
analytics.pangle-ads.com
analyticspixel.microsoft.com
b.hatena.ne.jp
b.st-hatena.com
bid.g.doubleclick.net
blog.hatena.ne.jp
c1.adform.net
cdn-ak.f.st-hatena.com
cdn.blog.st-hatena.com
cdn.image.st-hatena.com
cdn.jsdelivr.net
cdn.profile-image.st-hatena.com
cdn.rawgit.com
cksync.yahoo.co.jp
clients1.google.com
cm.g.doubleclick.net
connect.facebook.net
cs.r-ad.ne.jp
cse.google.com
d.turn.com
dco-assets.everestads.net
ds.uncn.jp
dt.adsafeprotected.com
dynalyst-sync.adtdp.com
encrypted-tbn0.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gdn.socdm.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ipac.ctnsnet.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
pf-api.hatena.com
platform.twitter.com
pr-bh.ybp.yahoo.com
rws.a8.net
s-cs.send.microad.jp
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
static.adsafeprotected.com
static.hotjar.com
stats.g.doubleclick.net
sync.gonet-ads.com
sync.teads.tv
syndication.twitter.com
tg.socdm.com
tpc.googlesyndication.com
usercss.blog.st-hatena.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.guri2o1667.work
www.youtube.com
104.244.42.8
124.146.153.163
13.115.18.61
13.35.49.63
142.250.199.98
142.250.207.2
142.251.8.156
172.217.161.66
18.176.234.133
18.65.216.116
182.22.31.124
184.27.185.4
185.84.60.20
185.98.54.153
188.42.105.220
2001:df2:a300:bbbb::136
202.233.84.8
202.241.208.2
204.79.197.204
23.204.139.144
23.215.243.88
23.37.117.101
23.39.217.2
23.51.130.131
2400:52e0:1501::1146:1
2404:6800:4004:801::2003
2404:6800:4004:80f::2003
2404:6800:4004:818::2002
2404:6800:4004:81d::200e
2404:6800:4004:81e::2008
2404:6800:4004:81e::200a
2404:6800:4004:820::200e
2404:6800:4004:822::2001
2404:6800:4004:822::2002
2404:6800:4004:822::200e
2404:6800:4004:825::2002
2404:6800:4004:825::200e
2404:6800:4004:826::2006
2404:6800:4004:828::200e
2404:6800:4008:c03::9a
2404:6800:400a:805::2004
2406:da18:929:5a03:f3ca:71cb:3519:40b
2600:1f13:800:7782:bf7b:717d:d1bd:feca
2600:9000:20c5:d600:8:48e:53c0:93a1
2606:2800:248:2f:1d8a:787:dc7:17df
2606:4700::6812:19ad
2606:4700::6812:acf
2a03:2880:f00f:8:face:b00c:0:1
2a04:4e42::485
35.160.173.212
35.186.193.173
35.73.236.89
35.75.255.9
52.69.85.8
54.199.90.60
54.238.129.226
54.249.131.168
54.249.88.200
65.9.42.68
0011c8532298b31e1b85c7c7d4f5997cad72566f1247deeff965cee49e8895e4
003cb71e350744d959dbb2d5a943e976c6cc9a614ab295e28df9f583945425bc
01290442c5f83c5492ff2b4290dceeda5a23d88697598149dabcf9216b433690
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01de7c9899895c024dfd2cdacf32ee1557b08d8fff6783b5c096a9ca2e8fa05c
028a29fd0d3995604b76a3ca4dacb7d846b695fc301182ca201f3e2b98d3eac1
05cfca54c38609923c19fcef8f4a646c1dd3386b813e6213539e35294c8a1f49
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
14d5b1b904f4fad602fc38d1424d0b3b03c8c26f4e36aad589e6cef18a6c0dba
14f386f7c5c13cd3869ac5018708bbe38719848f6511636bd7cb3b8c51586cfe
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19f56ca9d412087eb5ae89db713651f31128fa8fe0c9ce23024ccb5ca961cab7
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
200c0ccda50b8a1a4ebeab7883e7a0c4d13da28d390f7528c96aa429014c44f9
2060d29f49d996a26f3888bf75735db9e023f651d382164d295337be9dc99620
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
2342f3e288ee4fc441e985534ea9df09298b9b98daef0d462c3fb59cf17ddac8
256cd8902b938ff1464c713becb1e852c097eb94a6c9f1396364ca998633e90c
25ddd86f5287d140be6921358b86bc0577b4e434dc0c92adf5537b07f8a7692a
25e47c12de6501eafc1db63c7a322b88a600e6d6f5572034b206f611ab16d623
2bd128170f24b963f67f17e2a1312ae8371c44c3ecad64cedde585555f4d55ef
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
337b48582e678fbdd44cad7ae127b0312ec4a92fc0b5f1bcfce283926f7b5eee
382effe436be25e88c620c95147a39e45425759c57816366d634bdf0f1119007
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3a5ddf9ab9ac5247e3aca581f86a821eb7145960e390d6ca4088adf276ed9aaf
3bdf27a1124d341aa2b1880639ae305d9af0d84dd79d7e7f460794038ff75fbf
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3d1170d51f2f77b7c11374437839bd809a008b990ab2ea4a8858d980c2e3b132
400bcfa50986cb714c088f52410c1d86f23cf931405f4198096ba618a190f15d
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
46bcaed5815c3721590c83b6c5844f189ce2c38982a680443e38c4b2c5f967c3
48058c7cae6c0edd1606307d30e0bfec5267501b07d1b1a664644c7e30121911
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d7caec01077344823f2f4ea2fa61623ddc63e0877fd02a413a7a1a058be3391
4ee691c0ed9dc28f508438369376bd2ea84c6abdc0944e049e0de060aa720a1b
50f9b55f799408d883bbbc2110c7b5f0cb0c9f5245d415d9a13ebda58e9ce087
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
5293e94c7b769b6690121138ac058787bef37ef4730bc12805783ca94182fcb5
538bcf7665f67f09ea7e51a1f475039090a5f482c9cc4057fddffe61eb88bbc4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5622d7c0b6d2265dbca533e16777238c5f6c89d35e596757f00f8d0fdf0ccf66
5628a0ac534fa3721f6a5c73b49aefd07288dba3da94a710d621650f1b3eebba
57d3da56e16ce2a932574ba8291feb38f8c2faa03cfa95c97701b803e456a8bc
5aaa06aa0bab819b01c71ea806a54c9c00f01668de382c9e014e93c75863a460
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cacb85b4381eb68337b97be6929fc2c7d2e87ee2caefe34c9f91733ee131032
5fb62e9c3200fa29039822e9f1a07a051d3fa8e6ca02591b1dc5f8cd3afec282
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b796486b77f3bec81cc5543e3400349ddb6468c57f4111214c46d8d8fb3888
6546570d77534cf5fdf2b983c4b5c4b82aee432543271aeb64be42b9eb928180
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67e33c047d6bc4ef074607d5799c8332654ba54167a4307220942282dfcef1e1
69e0f73481c4fc661536e0a2bd0d67f71e51d31c44d66819ba59b72df89c6c30
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ed03c02eec456fe89e228d6cdf45bf7088aa9402beaab5a2a1214a1aa35ce3c
6f064b11007507ecebb88b25c6b21a41e51189b079c5a30342c8dc8950019c0c
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7355e1f782629cafdcbd09838b35dd5d7163f330cff8f141d5bc82eb962432d1
7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3
770158d16cb2ccb530d70933b5bd84f4569dab6fe2f56f915efb4408bb7fdaf5
77d574590b409180314935d629700f5e8246fa54508775d5d27fad3c442ddcab
798a26038b6f8dd808dda747c0052934a9be85811cc11e08f7c884de11b4c5ff
7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8
7d33e88540838e0dd3da5ac9998a3ca33a13dd16ef3479aeeb1b45d9dc2493d5
7dbe38248f4e160c4065df4c5ec4ada558e7abdbb17673635645c3aa527f4df0
8154aa9057e3367d9d3e4bb1f85db9645c01fc0690091aadc57dbae849ba3499
81682ef9b1fe4dfb2da5fffd5ca414fe556beddb5297ab0b07e41c9fad1e8760
83010b1929b3c3d6a6f4b3e4d8c1b2b2151b1463ced580aab23bdf60366de1e2
83c0dd4f8fb4d53e1a1f28484cf8dedc0a2b4ae2ad9b1fcd62939a20eb4cb7cf
846ae3c0f0207a7abc94ed22d1f39fd5523ab6d10bfde28bffce20d5db2e9763
8691cd8933010d5a44d0f00f8ddcd1e7f068b590267494e90da73b6314b8ea70
87277aaa92757cf877a29c7a4e50e92977967d84296ba121693dd3a9e7ff39ff
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
8d7b82b7dde8ab62e859f7a0de706c7f81c3d4d22b4094a4fbbb476dcf060e6f
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
8f41108f4257f9e6bd87a14fb2a9839b9b95ae795587ccf886c459c7b88088e1
9100a4fb469925bd483ee7987356ff4fbdf859439560918345e0bdcd0942ce08
917c5375ec6dcfbc7383eef12fe411343dccf9adc6730e70995d693c671a37d9
91ea9d151e7ab252501a473e052b27bf88d2096dc8cff8a0e298cffd710c31f4
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
9a2a4ac21e01ed670c60233cd056920ed8a0a681eb89ed8c02bad5cc3fc8aa27
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9dc7ea17f4fe20c5733dc6cf274c87a4316a9d96c3652e20a75f8a93b71f3dd3
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a073fb5df30b3c59c2c6631487c20e859d5271299e58caf54104d94f0e596a4c
a353cb8723c7c8ac771ce2fb660bd4dc1544b720a00a779ac4b7ec780cc41798
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
a5cea4cf0051533f9c49c5808cc6f6bca1d223fc9f062b474282455ada2aa9c4
a81a5c2ff5ad3fcd835f9a5eea1f85abbe91d407c3ea70a35591bb56d728ae6f
a88b433671650f26461340ca7a0632469bb8a9b18399dd457d7a50131d360c6c
ab4fc0d036f7d73bd2e465681d76fe63c0945680ef5b9fb627b275c2c700ae71
ac133282c7f12db30b3f786a2125f31511dd3ee7620ea94af4a7b2d9be961dd8
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
adcf4994650ee7b152ddbf049a827d18ab6ec4a84b403e1b68dbaa21236d520f
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17395e149fb2147a23d8b5f758093d251af148273447e8582554ac38b474e79
b1b1661ffb71705ae01b3b0cea6c065ae93d49d6b547bfeeec0260fa92bf2793
b2f15f6258ea8cb74db1ad6e3ae6941a2f404136c021c0441bf58a5244dbfd7a
b6619405f0e688e0427b0c83584e65d364e4490f4e96e3fd4ef10cf5d51f9849
b8d99191997f9c3e6794142cba8b2959a673c7cd044871697b0e969620a584ab
b9b06bd00738f4a68b4399de586c337caa1a3b68b1fe1617fd406292c901c078
bf755e051257e1d0e3f82b2bcbd76cfa012d1e690788545bcaec1cb2dcd4a1d5
bfd9935d4be8713c865e1cafe71638702f9d6f16c43c5bbe4bb5356725d2ceca
c32c746e0ac1d6e1b60b677bdf5e4da829f89af92e287d149b29aafee0d63193
c67367f76b00e1f99eb8ae2c294ba0b030ecf37a82a8e33f4e5d3a2fa8a0fcc2
c8140d02777fd6bf75a0fdd2de5a366e07d519ba44f3d6938579033c1515a18f
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
c9211b98042b17907d74bb76aa84613fe8d9dec0208003af8082899a662a00c4
cb77ba62b09c6b3bf0ced7712da8c4fb9fc25e2a61dbff07b6eef071426ed0b8
ccf9d0c20e57aadbc0b92bc70a9e66637f15591574a7ecceffa4597445cd0dfd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d56f6a42842264430022d01f0343c6066af3aec6ba636170e1ba9ea9d065601a
d8036e6aba32d5a232a542b4c9d61d31babc76c8dc847de19e5f8ff812e06676
d95ffdcf010d6749281f6cd27c3a5f9c856d4b5590cee285f4b4fdbebce22b4c
db2132ac28b5d234208606c72db2b5a6de02e406638a2707c73b635e1b31ba50
db3a3b8bff3d74b7f9e8b40e467b4383d2f51d3bf2ff11d9846baaa430128037
dba5db65eacdd32e82b077fce0282798e8a702ecbead9b1a1afc305c2fdba33c
dbe71671fbca7351a07ac00012c6cbb7826ee6f6f56a22d4f590963049ab7062
dc2f89a221891fdcdf1224b55af497ef691f10afb666751af411e3260a8b7244
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e277619f8d239724e45cb95422f6ebbbf82216623c4957f325ac0131c8ae9746
e339b397e7b2ac0d2da5cdfe960dd7901fff4e054bb6c11e9959e81c0cb9519a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126
e64db28d2c53c932f4b0100853662076601e137f9ff0fef6fddb64310f247494
e66ad7a792dcaa684917803058147d54e110728a7cef76562e5bc5ca1388339e
e6fe6a47906a95d41d4415b72bde1b95a94963230cd5e62ea7d6cdec9bb5c519
e8929f781dc20a7ca7048c2263b63c41f715f4c7345386c444991533d4972668
e9023ce1e3d834c06a764552ae51723ca05a7d0681d60f51d9c3e5195526fcbd
e91f18aef3d70918333a3c43b2e9033637de0e63ed37bcfab636320bbcffb06a
eaca7c9347ddb083500e03e054821cfcb688efd2e2ade95baa65c42f49766ab8
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
edd19becd01c99928f16745822f216d2f458e9a41b073ce1ca13c3a9f24e5eb7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff8e6a844522897b74ff661425c391c856245255ee4e41508ed8c066a722261
f09d9fdc476c87ca8574c34d19241af3fd93226d85f6b0048e36760c07984fab
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f80e4a05153c4ebd7bf37a684752745e71cf9ba88568ac53c5c90d428212d45f
f9b54eb46a8dd9a7eeeff163e368f71c3dfe239aca607f073d1340027677fc16
fe21767f8dee850c40493b584246f94a5066621ce5ed0c482ce8e8a8d35bb168
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

www.guri2o1667.work Open in urlscan Pro 35.75.255.9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

282 Requests

87 %HTTPS

44 %IPv6

41 Domains

62 Subdomains

47 IPs

8 Countries

8231 kBTransfer

14972 kBSize

38 Cookies

16 Outgoing links

Page URL History

Redirected requests

282 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.guri2o1667.work Open in urlscan Pro
35.75.255.9 Public Scan

Screenshot
Live screenshot

Full Image

282
Requests

87 %
HTTPS

44 %
IPv6

41
Domains

62
Subdomains

47
IPs

8
Countries

8231 kB
Transfer

14972 kB
Size

38
Cookies

282 HTTP transactions
8 data transactions